Content deleted Content added
→Authentication: converting to {{code|...}} |
mNo edit summary |
||
Line 1:
{{Short description|Suite of remote-access utilities}}
{{Infobox Software
| name = Berkeley r-commands
Line 21 ⟶ 20:
The CSRG incorporated the r-commands into their [[Unix]] [[operating system]], the [[Berkeley Software Distribution]] (BSD). The r-commands premiered in BSD v4.1.<ref name="McKusick"/> Among the programs in the suite are: {{code|rcp}} (remote [[File copying|copy]]), {{code|rexec}} (remote [[Execution (computing)|execution]]), {{code|rlogin}} (remote [[login]]), {{code|rsh}} (remote [[Shell (computing)|shell]]), {{code|rstat}}, {{code|ruptime}}, and {{code|rwho}} (remote [[who (Unix)|who]]).<ref name="McKusick"/><ref>{{cite book |title=Guide to TCP/IP: IPv6 and IPv4 |first1=James |last1=Pyles |first2=Jeffrey L. |last2=Carrell |first3=Ed |last3=Tittel |chapter=Which IP Services Are Most Vulnerable? |chapter-url=https://books.google.com/books?id=sQevDAAAQBAJ&pg=PA659 |page=659 |publisher=Cengage Learning |year=2017 |edition=5th |isbn=978-1-305-94695-8 |via=Google Books}}</ref>
The r-commands were a significant innovation, and became ''de facto'' standards for Unix operating systems.<ref>Casad (2008), p. [https://books.google.com/books?id=q81cs5140_YC&pg=PT346 346]</ref><ref>{{cite book |title=Red Hat Fedora Linux 2 Bible |last=Negus |first=Christopher |publisher=Wiley |isbn=0-7645-5745-9 |oclc=441918216 |chapter=About "r" Commands |chapter-url=https://www.wiley.com/legacy/compbooks/negus/rhbf2/r-commands.html |access-date=2018-03-04|date=2004-07-02 }}</ref> With wider public adoption of the Internet, their inherent security vulnerabilities became a problem,<ref>{{Cite CiteSeerX|citeseerx = 10.1.1.178.8497|title = A Case Study of Using a Secure Network Layer Protocol}}</ref> and beginning with the development of [[Secure Shell]] protocols and applications in 1995, its adoption entirely supplanted the deployment and use of r-commands (and [[Telnet]]) on networked systems.<ref>{{cite journal
|url=https://dash.harvard.edu/bitstream/handle/1/16781951/sshVsTelnetWeb3.pdf?sequence=1|title=How and Why More Secure Technologies Succeed in Legacy Markets: Lessons from the Success of SSH|access-date=13 April 2023|author1=Nicholas Rosasco|author2=David Larochelle|website=Harvard University|format=Conference Paper|doi=10.1007/1-4020-8090-5_18|s2cid=19035681 }}</ref>
Line 33 ⟶ 32:
| style="text-align:left" | rcp || style="text-align:left" | rshd || 514 || TCP ||
|-
| style="text-align:left" | {{code|rexec}} || style="text-align:left" | rexecd || 512 || TCP || <ref>{{cite book |chapter-url=https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.1.0/com.ibm.zos.v2r1.halu001/rexsyn.htm |chapter=
|-
| style="text-align:left" | rlogin || style="text-align:left" | rlogind || 513 || TCP || <ref name="NAG">{{cite book |title=FreeBSD Network Administrators Guide |chapter-url=https://people.freebsd.org/~nik/nag/book.html#x-087-2-intro.tcpip.ports |chapter=More on Ports |access-date=2018-03-04}}</ref>
Line 54 ⟶ 53:
{{code|rlogin}} enables a user to log in on another [[Server (computing)|server]] via [[computer network]], using [[Transmission Control Protocol|TCP]] [[network port]] 513.
{{code|rlogin}} is also the name of the [[application layer]] [[Communications protocol|protocol]] used by the software, part of the [[TCP/IP]] protocol suite. Authenticated users can act as if they were physically present at the computer. RFC 1282, in which it was defined, states: "The {{code|rlogin}} facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of output." {{code|rlogin}} communicates with a [[daemon (computer software)|daemon]], {{code|rlogind}}, on the remote host. {{code|rlogin}} is similar to the [[Telnet]] command, but is not as customizable and is able to connect only to Unix-like hosts.
===rsh===
{{Further|Remote Shell}}
{{code|rsh}} opens a [[Shell (computing)|shell]] on a remote computer without a [[login]] procedure. Once connected, the user can execute commands on the remote computer through the shell's [[command-line interface]]. {{code|rsh}} passes input and output through the [[standard streams]], and it sends [[standard output]] to the user's [[Virtual console|console]]. Over the network, [[standard input]] and standard out flow through TCP port 514, while [[Standard_streams#Standard_error_(stderr)|Standard Error]] flows through a different TCP port, which the {{code|rsh}} [[Daemon (computing)|daemon]] ({{code|rshd}}) opens.<ref>{{cite book |url=https://books.google.com/books?id=-hF7sqwrcrwC&pg=PA154 |title=CCSP: Secure PIX and Secure VPN Study Guide |last1=Edwards |first1=Wade |last2=Lancaster |first2=Tom |last3=Quinn |first3=Eric |last4=Rohm |first4=Jason |last5=Tow |first5=Bryant|publisher=[[Sybex]] |page=154 |isbn=0-7821-4287-7 |year=2004 |via=Google Books |access-date=2018-03-07}}</ref>
===rexec===
Like {{code|rsh}}, {{code|rexec}} enables the user to run shell commands on a remote computer. However, unlike the rsh server, the {{code|rexec}} server ({{code|rexecd}}) requires login: it authenticates users by reading the username and password (unencrypted) from the [[network socket]].<ref>{{cite web |url=http://www.manpagez.com/man/8/rexecd/ |title=rexecd(8) |website=manpagez.com |access-date=2018-03-03}}</ref> {{code|rexec}} uses TCP port 512.
===rcp===
{{code|rcp}} can copy a file or directory from the local system to a remote system, from a remote system to the local system, or from one remote system to another.<ref name="Farrell">{{cite web |url=https://earthsci.stanford.edu/computing/unix/netcommands/rcp.php |title=rcp |last=Farrell |first=Phillip |date=3 August 2004 |website=earthsci.stanford.edu |publisher=Stanford University School of Earth, Energy & Environmental Sciences |access-date=2018-03-06 |archive-date=2021-02-07 |archive-url=https://web.archive.org/web/20210207204751/https://earthsci.stanford.edu/computing/unix/netcommands/rcp.php |url-status=dead }}</ref> The command line [[Parameter (computer programming)|arguments]] of {{code|cp}} and {{code|rcp}} are similar, but in {{code|rcp}} remote files are prefixed with the name of the remote system:
rcp file.txt subdomain.___domain:~/home/foo/file.txt
As with the Unix copy command [[cp (Unix)|cp]], {{code|rcp}} overwrites an existing file of the same name in the target; unlike {{code|cp}}, it provides no mechanism for warning the user before overwriting the target file.<ref name="Farrell"/> Like {{code|rsh}}, {{code|rcp}} uses TCP port 514.<ref>{{cite web |url=http://sourcedaddy.com/networking/rlogin-rsh-and-rcp.html |title=Rlogin, RSH, and RCP |website=SourceDaddy |access-date=2018-02-18}}</ref>
===rwho===
Just as the {{code|[[who (Unix)|who]]}} command lists the users who are logged in to the local Unix system, {{code|rwho}} lists those users who are logged into all [[multi-user]] Unix systems on the local network.<ref>{{cite web |url=https://www.systutorials.com/docs/linux/man/1-rwho/ |title=rwho (1) - Linux Man Pages |access-date=2018-03-07}}</ref> {{code|rwho}}'s daemon, {{code|rwhod}}, maintains a database of the status of Unix systems on the local network. The daemon and its database are also used by the {{code|ruptime}} program.<ref name="syst_rwhod">{{cite web |url=https://www.systutorials.com/docs/linux/man/8-rwhod/ |title=rwhod (8) - Linux Man Pages |access-date=2018-03-07}}</ref>
===rstat===
{{code|rstat}} returns performance statistics from the kernel.
===ruptime===
Just as the {{code|uptime}} command shows how long a Unix system has been running since the last restart, {{code|ruptime}} requests a status report from all computers on the local network. It then returns the uptime report. If a computer did not respond within the time limit, then {{code|ruptime}} reports that the system is [[Downtime|down]].<ref>{{cite web |url=https://www.systutorials.com/docs/linux/man/1-ruptime/ |title=ruptime (1) - Linux Man Pages |website=SysTutorials |access-date=2018-03-07}}</ref> This information is tracked and stored by the daemon {{code|rwhod}}, which is also used by the rwho command.<ref name="syst_rwhod"/>
==Security==
Those r-commands which involve user authentication ({{code|rcp}}, {{code|rexec}}, {{code|rlogin}}, and {{code|rsh}}) share several serious security vulnerabilities:
* All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
| |||