Revision as of 23:24, 23 February 2018 edit Ringbang (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers 22,750 edits →External links: templated; +"Further reading" section ← Previous edit		Revision as of 03:12, 4 March 2018 edit undo Ringbang (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers 22,750 edits rescoped article and wrote new lede; merged some content from Remote Process Execution (now redirected) Next edit →
Line 2: \| date = February 2017 }}{{lowercase}} {{IPstack}} The '''Berkeley r-commands''' are a [[Software suite\|suite]] of [[computer program]]s designed to enable computer users to access various [[System resource\|computer resources]] available on a [[Computer network\|network]]. The r-commands were developed in 1982 by the [[Computer Systems Research Group]] at the [[University of California, Berkeley]], based on an early implementation of [[TCP/IP]] (the [[protocol stack]] of the [[Internet]]).<ref name="McKusick">{{cite book \|title=[[Open Sources: Voices from the Open Source Revolution]] \|last=McKusick \|first=Marshall Kirk \|authorlink=Marshall Kirk McKusick \|year=1999 \|isbn=978-1-56592-582-3 \|chapter=Twenty Years of Berkeley Unix: From AT&T-Owned to Freely Redistributable \|chapter-url=http://www.oreilly.com/openbook/opensources/book/kirkmck.html \|publisher=O'Reilly & Associates \|at=Section: "4.2BSD" \|access-date=2018-03-03}}</ref> '''rlogin''' is a [[software utility]] for [[Unix-like]] computer [[operating system]]s that was first distributed as part of the [[Berkeley Software Distribution\|4.2BSD]] release. rlogin allows users to log in on another [[Server (computing)\|host]] via a [[computer network\|network]], using [[Transmission Control Protocol\|TCP]] [[TCP and UDP port\|port]] 513. The CSRG incorporated the r-commands into their [[Unix]] [[operating system]], the [[Berkeley Software Distribution]] (BSD). The r-commands premiered in BSD v4.1.<ref name="McKusick"/> Among the programs in the suite are: {{code\|rcp}} (remote copy), {{code\|rexec}} (remote [[Execution (computing)\|execution]]), {{code\|rlogin}} (remote [[login]]), {{code\|rsh}} (remote [[Shell (computing)\|shell]]), and {{code\|rwho}} (remote [[who (Unix)\|who]]). rlogin is also the name of the [[application layer]] [[Communications protocol\|protocol]] used by the software, part of the [[TCP/IP]] [[protocol suite]]. Authenticated users can act as if they were physically present at the computer. RFC 1282, in which it was defined, states: "The rlogin facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of output." rlogin communicates with a [[daemon (computer software)\|daemon]], '''rlogind''', on the remote host. rlogin is similar to the [[Telnet]] command, but is not as customizable and is able to connect only to Unix-like hosts.▼ == ~~Use~~ rlogin== {{code\|rlogin}} enables a user to log in on another [[Server (computing)\|server]] via [[computer network]], using [[Transmission Control Protocol\|TCP]] [[network port]] 513. ▲rlogin is also the name of the [[application layer]] [[Communications protocol\|protocol]] used by the software, part of the [[TCP/IP]] [[protocol suite]]. Authenticated users can act as if they were physically present at the computer. RFC 1282, in which it was defined, states: "The rlogin facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of output." rlogin communicates with a [[daemon (computer software)\|daemon]], '''rlogind''', on the remote host. rlogin is similar to the [[Telnet]] command, but is not as customizable and is able to connect only to Unix-like hosts. rlogin is most commonly deployed on corporate and academic networks, where user account information is shared among all the Unix machines on the network (often using [[Network Information Service\|NIS]]). These deployments essentially trust all other machines (and the network infrastructure). ==rcp, rexec, rsh, and rwho== ~~== Security ==~~ {{Further\|Remote Shell}} The original Berkeley package that provides rlogin also features [[rcp ~~(Unix)\|rcp]]~~ (remote-copy, allowing files to be copied over the network) and [[Remote Shell\|rsh]] (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and .rhosts access-control scheme (although they connect to a different daemon, rshd), and as such suffer from the same security exposures. The ssh suite contains suitable replacements for both: scp replaces rcp, and ssh itself replaces both rlogin and rsh.▼ ~~rlogin has several serious security problems:~~ Like rsh, rexec enables the user to run shell commands on a remote computer. However, unlike the rsh server, the rexec server (rexecd) authenticates users by reading the username and password (unencrypted) from the socket.<ref>{{cite web \|url=http://www.manpagez.com/man/8/rexecd/ \|title=rexecd(8) \|website=manpagez.com \|access-date=2018-03-03}}</ref> rexec uses TCP port 512. * All information, including passwords, is transmitted unencrypted (making it vulnerable to interception). * The .rlogin (or .rhosts) file is easy to misuse (potentially allowing logins without a [[password]]) - for this reason many corporate system administrators prohibit .rlogin files and actively scrutinize their networks for offenders. * The protocol partly relies on the remote party's rlogin client to provide information honestly, including source port and source host name. A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of [[Authentication\|authenticating]] other machines' identities, or ensuring that the requesting client on a trusted machine is the real rlogin client. * The common practice of mounting users' home directories via NFS exposes rlogin to attack by means of fake .rhosts files - this means that any of [[Network File System\|NFS's]] security faults automatically plague rlogin. With rwho, a user can display a list of users who are logged into a remote, [[multi-user]] computer. Due to these problems, rlogin was rarely used across untrusted networks (like the public internet) and even in closed deployments it fell into relative disuse (with many Unix and [[Linux]] distributions no longer including it by default). Many networks that formerly relied on rlogin and telnet have replaced it with [[Secure shell\|SSH]] and its rlogin-equivalent ''slogin''.<ref name="Sobell">{{cite book\|last=Sobell\|first=Mark\|title=A Practical Guide to Linux Commands, Editors, and Shell Programming\|ISBN=978-0-13-136736-4\|date=2010\|publisher=Pearson Education, Inc}}</ref><ref name="iu">{{cite web\|title=Unix job control command list\|publisher=Indiana University\|url=https://kb.iu.edu/d/afnw\|accessdate=20 December 2014}}</ref> ~~{{anchor\|rcp}}~~ ~~== Replacements ==~~ ▲The original Berkeley package that provides rlogin also features [[rcp (Unix)\|rcp]] (remote-copy, allowing files to be copied over the network) and [[Remote Shell\|rsh]] (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and .rhosts access-control scheme (although they connect to a different daemon, rshd), and as such suffer from the same security exposures. The ssh suite contains suitable replacements for both: scp replaces rcp, and ssh itself replaces both rlogin and rsh. == See also == * [[Secure Shell]] * [[Telnet]] * [[who (Unix)]] ==Notes== {{reflist}}▼ == References == Line 36 ⟶ 34: * {{FOLDOC}} {{refend}} ▲{{reflist}} ==Further reading==

Berkeley r-commands: Difference between revisions