Remote Network Commands
Normally, being connected to some kind of network does not mean that you are able to directly access all resources provided by that network. Some devices, like tape drives and printers, are connected to special computers and are only accessible on these machines. Others, such as disk drives, can be accessed easily, when the system administrators allow it.
Gaining direct access to resources becomes more complicated the larger the network gets. This is partly due to security reasons, and partly due to the simple fact that the more people that have to be convinced you need to mount a disk, the less your chance of success. From this follows the rule that the more resources available, the harder it will usually be to connect to them.
A nice and easy way around this dilemma is using the remote commands rlogin, rcp and rsh. These commands allow access to any account that is owned by you on any computer in the network without the use of a password. rcp and rlogin can be compared with ftp and telnet, whereas rsh offers the possibility to combine commands on different machines in one shell pipeline.
Configuration is extremely easy—in fact, your host network is probably configured correctly already—and you have instant access to these capabilities. In this article, I present these commands, explain the local setup, give some examples to give you a start, show some options, and demonstrate the complexity that can be reached. Most of my examples can easily be replicated on your networked machine.
Under normal conditions (your network is up, you can telnet into other machines, and you can be reached by other machines), the only thing you need to do is create a file called .rhosts in your home directory which is readable and writable only by you (mode 600). This file should contain the full hostnames of each of the machines you want to log in from, and the user name on that machine, like this:
apple.groucho.edu fred orange.groucho.edu sam
The .rhosts file specifies the machines and users that are allowed to login to the user on the machine where the .rhosts file resides. If I am logged in as sam on the machine banana.groucho.edu and I have the above .rhosts file in my home directory, then the user sam from orange.groucho.edu and the user fred from the machine apple.groucho.edu have remote access to my account.
Now, I log into apple.groucho.edu (username fred) from my account on banana.groucho.edu. From apple.groucho.edu I run the following command: rlogin banana.groucho.edu -l sam. Once you are logged in, shell commands will work as normal.
If you are asked to enter your password, do not enter a password, but instead quickly switch back to your original login on banana.groucho.edu and type ps -a. In the process list your rlogin request should appear with the name of the machine it came from as an argument. When this is different from the name you entered in the .rhosts file, you will need to enter the new name. Sometimes a machine uses different lines or a common server for such communication, although its name doesn't change. If there is still no connection, you should ask the system administrator. Some machines simply don't allow any rlogin commands.
In order to respond to any rlogin request, your Linux machine's inetd.conf should have the following two lines:
shell stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rshd login stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.rlogind
When you are a member of a domain and share usernames, you might want to include the hosts you frequently connect to in /etc/hosts.equiv. In this case your .rhosts file may contain only the nickname (which is commonly just the machine name without the domain information) together with the username. The above example .rhosts file on the machine named banana.groucho.edu would then look like:
apple.groucho.edu fred orange sam
The rcp command copies files or directories from one machine to another. It is used like the cp command. For instance, I can copy a file named test.dat from the remote machine banana to my local machine orange. (For this example to work the two machines must share usernames.)
rcp banana:test.dat .
rcp banana.groucho.edu:test.dat .
The file test.dat is situated in my home directory on banana and is copied to my current directory on orange.
If I want to copy my Mail directory and its contents to orange into the directory Mail.banana (again, from orange):
rcp -r banana:Mail Mail.banana
To preserve the time stamp I would type:
rcp -r -p banana:Mail Mail.banana
Making a remote copy from the machine apple where I have a different account, apple:
rcp fred@apple:test.dat test
Of course, things also work the other way around. Here is a remote copy to apple:
rcp test.dat fred@apple:test.dat
The last interesting thing would be a copy from apple to banana, while you're logged into banana. Unfortunately, this works on every other machine except my Linux machines:
rcp fred@apple:test.dat banana:test.dat
You see that rcp is a bit handier than ftp.
With rlogin you perform a remote login to another machine. It can be used instead of telnet:
rlogin -l fred apple
rlogin apple -l fred
(for some versions of Unix)
I integrate every machine in my window-menu with an rlogin. This makes login very efficient. As an example, here are two descriptions—one for windows manager fvwm and one for olvwm--to add a menu and a shortcut key for rlogin to orange. The xhost can be omitted, but it is useful for other things. For fvwm:
Popup "Rlogin" Title "Rlogin" Exec "banana F1" xhost +banana;\ exec xterm -fn fixed -T banana -sb -e rlogin banana & EndPopup Key F1 A N Exec "banana" xhost +banana;\ exec xterm -fn fixed -T banana -sb -e rlogin banana &
"Login" MENU "Rlogin" TITLE PIN "banana" xhost +banana; exec xterm -T banana\ -sb -e rlogin banana "Login" END
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- The Qt Company's Qt Start-Up
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Open-Source Project Secretly Funded by CIA
- The US Government and Open-Source Software
- The Death of RoboVM
- The Humble Hacker?
- New Container Image Standard Promises More Portable Apps
- BitTorrent Inc.'s Sync
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide