Remote Network Commands

by Jens Hartmann

Normally, being connected to some kind of network does not mean that you are able to directly access all resources provided by that network. Some devices, like tape drives and printers, are connected to special computers and are only accessible on these machines. Others, such as disk drives, can be accessed easily, when the system administrators allow it.

Gaining direct access to resources becomes more complicated the larger the network gets. This is partly due to security reasons, and partly due to the simple fact that the more people that have to be convinced you need to mount a disk, the less your chance of success. From this follows the rule that the more resources available, the harder it will usually be to connect to them.

A nice and easy way around this dilemma is using the remote commands rlogin, rcp and rsh. These commands allow access to any account that is owned by you on any computer in the network without the use of a password. rcp and rlogin can be compared with ftp and telnet, whereas rsh offers the possibility to combine commands on different machines in one shell pipeline.

Configuration is extremely easy—in fact, your host network is probably configured correctly already—and you have instant access to these capabilities. In this article, I present these commands, explain the local setup, give some examples to give you a start, show some options, and demonstrate the complexity that can be reached. Most of my examples can easily be replicated on your networked machine.

Setup:

Under normal conditions (your network is up, you can telnet into other machines, and you can be reached by other machines), the only thing you need to do is create a file called .rhosts in your home directory which is readable and writable only by you (mode 600). This file should contain the full hostnames of each of the machines you want to log in from, and the user name on that machine, like this:

apple.groucho.edu          fred
orange.groucho.edu              sam

The .rhosts file specifies the machines and users that are allowed to login to the user on the machine where the .rhosts file resides. If I am logged in as sam on the machine banana.groucho.edu and I have the above .rhosts file in my home directory, then the user sam from orange.groucho.edu and the user fred from the machine apple.groucho.edu have remote access to my account.

Now, I log into apple.groucho.edu (username fred) from my account on banana.groucho.edu. From apple.groucho.edu I run the following command: rlogin banana.groucho.edu -l sam. Once you are logged in, shell commands will work as normal.

If you are asked to enter your password, do not enter a password, but instead quickly switch back to your original login on banana.groucho.edu and type ps -a. In the process list your rlogin request should appear with the name of the machine it came from as an argument. When this is different from the name you entered in the .rhosts file, you will need to enter the new name. Sometimes a machine uses different lines or a common server for such communication, although its name doesn't change. If there is still no connection, you should ask the system administrator. Some machines simply don't allow any rlogin commands.

In order to respond to any rlogin request, your Linux machine's inetd.conf should have the following two lines:

shell   stream  tcp     nowait  root /usr/sbin/tcpd  /usr/sbin/in.rshd
login   stream  tcp     nowait  root /usr/sbin/tcpd  /usr/sbin/in.rlogind

When you are a member of a domain and share usernames, you might want to include the hosts you frequently connect to in /etc/hosts.equiv. In this case your .rhosts file may contain only the nickname (which is commonly just the machine name without the domain information) together with the username. The above example .rhosts file on the machine named banana.groucho.edu would then look like:

apple.groucho.edu               fred
orange                          sam
RCP:

The rcp command copies files or directories from one machine to another. It is used like the cp command. For instance, I can copy a file named test.dat from the remote machine banana to my local machine orange. (For this example to work the two machines must share usernames.)

rcp banana:test.dat .

or

rcp banana.groucho.edu:test.dat .

The file test.dat is situated in my home directory on banana and is copied to my current directory on orange.

If I want to copy my Mail directory and its contents to orange into the directory Mail.banana (again, from orange):

rcp -r banana:Mail Mail.banana

To preserve the time stamp I would type:

rcp -r -p banana:Mail Mail.banana

Making a remote copy from the machine apple where I have a different account, apple:

rcp fred@apple:test.dat test

Of course, things also work the other way around. Here is a remote copy to apple:

rcp test.dat fred@apple:test.dat

The last interesting thing would be a copy from apple to banana, while you're logged into banana. Unfortunately, this works on every other machine except my Linux machines:

rcp fred@apple:test.dat banana:test.dat

You see that rcp is a bit handier than ftp.

rlogin:

With rlogin you perform a remote login to another machine. It can be used instead of telnet:

rlogin orange

or

rlogin -l fred apple

or

rlogin  apple -l fred

(for some versions of Unix)

I integrate every machine in my window-menu with an rlogin. This makes login very efficient. As an example, here are two descriptions—one for windows manager fvwm and one for olvwm--to add a menu and a shortcut key for rlogin to orange. The xhost can be omitted, but it is useful for other things. For fvwm:

Popup "Rlogin"
Title "Rlogin"
Exec "banana F1" xhost +banana;\
exec xterm -fn fixed -T banana -sb -e rlogin banana & EndPopup
Key F1  A N  Exec "banana" xhost +banana;\
exec xterm -fn fixed -T banana -sb -e rlogin banana &

For olvwm:

"Login" MENU
"Rlogin" TITLE PIN
"banana"  xhost +banana; exec xterm -T banana\
-sb -e rlogin banana
"Login" END
rsh:

The rsh command is the most powerful remote command, as it can be integrated into a pipe. This enables you to execute complex command sequences between different machines. Without any command, rsh rlogins to the other machine. When I am logged into orange:

rsh banana
logs me remotely to banana, while:
rsh -l fred apple

does the same on apple, where the username is different from the one for my current shell on orange.

Both stdout and stderr from the remote machine are piped to the local machine. After establishing the connection, neither /etc/profile nor .bash_profile (for bash) nor .login (for csh and tcsh) are scanned. This can be confusing in the beginning, as not everything you defined as variables and aliases for a login shell are present. This is different from rlogin, which gives you a real “login shell”. The most common problem is that you use a command that cannot be found because the path variable has not been set correctly. In these cases, you could set your path in your shell initialization file, such as .bashrc or .cshrc (there is no such file for /bin/sh, however). A more general solution is to simply use fully qualified pathnames for commands.

The easiest use of rsh is a simple command like:

rsh banana ls

You should get a listing from your home directory on banana. If you want to use options that start with “-”, the syntax would be:

rsh banana `ls -al'

Everything in between the quotes is executed on banana.

The listing was sent to your local stdout, your screen, just as if ls had been executed locally (on orange). Below are some examples of creating a tar archive on banana from a directory called bin, with the output going to stdout and the archive file being placed on orange:

rsh banana `tar cf - bin' | dd of=archive.tar

or

rsh banana `tar cf - bin' > archive.tar

Of course this will work for different usernames or in the other direction too:

rsh -l fred apple `tar cf - bin' > archive.tar       tar cf - bin | rsh -l
fred apple dd of=archive.tar

The dd command is very handy here, because it copies stdin to the file specified by of. If I were to use > to redirect the output, I would end up on orange again, but I want the file to be written to apple instead, which dd does correctly.

rsh Wizardry:

Now for some examples of what happens on which machine. Start with something simple:

        ps -aux | grep root

This shows all processes root owns on your local machine. The next command will show all processes on banana which are owned by root.

        rsh banana `ps -aux' | grep root

In this case, the ps command is executed on banana, but grep is executed locally (on orange).

The next command does the same thing, except that the grep command is executed on banana, as is the ps command.

rsh banana `ps -aux | grep root'

or

rsh banana `ps -aux' | rsh banana `grep root'

The next example shows how to split stderr and stdout (this works only for sh or bash, not for csh or tcsh!):

 rsh banana `dd if=bin.tar 2>fehler' > test.dat

Here we have dd that writes its error output to the file fehler on banana, but which transmits its standard output to orange into the file test.dat. The secret here is the use of quotes. Because 2>fehler is inside the quotes it is executed on banana. Things can get very tricky. Not only can you make full use of shell commands, you also can run them on different machines:

rsh banana `tar xf bin.tar `rsh banana `tar tf \ bin.tar' | grep gj2.c`'

Here I have a tar archive bin.tar on banana. In it there is a file called usr/local/src/gj2.c. First, there is a command expansion in between ` ... `. This expansion returns all the filenames from the archive which contain the string “gj2.c”. First, tar tf returns the list of files in the archive and then grep (running on orange) performs the pattern match. This yields usr/local/src/gj2.c and usr/local/src/gj2.c~. Now the first tar (tar xf bin.tar) extracts these files on banana.

Imagine that you have a tape drive attached to banana and another to orange. You want to make a copy of a tape. Dumping the contents of the tape to the disk drive and copying it back to another tape would be a solution, but would require enough free disk space to hold the entire contents of the tape. Another solution would look like:

rsh banana dd if=/dev/rst0 ibs=1024 | dd \
of=/dev/rmt0 obs=1024

Here /dev/rst0 is a SCSI tape drive on banana and /dev/rmt0a SCSI tape drive on orange. Now you want to process your data with a special program called demux. After processing, your data has shrunk considerably to about 200 megabytes. As we operate on binary data, porting our program to banana would be very time consuming (orange is still my Linux machine). On the other hand, orange doesn't have 200 megabytes of free space. We do the following:

rsh banana dd if=/dev/rst0 ibs=1024 | demux | \
rsh banana dd of=file.dat

Now we read from banana, process on orange and write back to banana.

In the next illustration you want to access a printer connected to banana. We have a PostScript file, test.ps, that we want to send on a printer called p_a4:

dd if=test.ps | rsh banana `lpr -Pp_a4'

You might want to have a look at the file before you print it:

dd if=test.ps | rsh banana `xv - -display orange:0'

This will only work under X-windows. On orange, you would have given a command like xhost +banana first.

Problems:

Apart from the fact that some of the above examples probably will not run under some configurations, I have encountered some strange behavior. Consider we have, as in the previous examples, two identical files: bin.tar on banana and bin.tar on orange. Now I try on orange:

ls | grep bin

The response is bin.tar. The same goes for:

rsh banana ls | grep bin

but the next one chokes:

ls | rsh banana grep bin

Piping files into a remote shell with the command dd, though, has never choked.

Conclusion:

With the help of these commands, getting connected to other machines is made considerably easier. The rcp and rlogin commands can be almost fully substituted for commands such as ftp and telnet on your local network. Not only can you access your accounts, you might also allow other trusted users to access your accounts by means of the .rhosts file.

Finally, the rsh command enables you to generate data streams through several different machines, accessing local disk and tape drives (or anything else you are allowed to access).

Jens Hartmann (hartmann@dkrz.d400.de) is a geophysicist at the University of Hamburg, where he uses Linux for his work.

Load Disqus comments

Firstwave Cloud