Network Daemons  «Prev 

Berkeley “r” commands (rlogin, rsh)

Question: What are the unique characteristics of the Berkeley r commands rlogin and rsh ?
The Berkeley "r" commands, including rlogin and rsh, are a set of Unix-based remote access utilities that were developed at the University of California, Berkeley as part of the BSD (Berkeley Software Distribution) Unix operating system. These commands allow users to remotely execute commands and log in to other Unix-based systems over a network. The two specific commands you mentioned, rlogin and rsh, have unique characteristics:
  1. rlogin (remote login): rlogin is a command-line utility that allows a user to log in to a remote Unix-based system over a network. The primary use case for rlogin is to provide an interactive terminal session with a remote host. The command syntax is:
    rlogin remote_host
    

    Once connected, the user can interact with the remote system as if they were physically using the terminal on the remote machine. The user's local terminal settings (such as environment variables and terminal characteristics) are passed to the remote host.
  2. rsh (remote shell): rsh, or "remote shell," is a command-line utility that allows a user to execute a single command on a remote Unix-based system over a network without logging in interactively. The command syntax is:
    rsh remote_host command
    

    The primary use case for rsh is to run a single command or a script on a remote host and immediately return the output to the local machine. Unlike rlogin, rsh does not provide an interactive terminal session on the remote host.
However, it is important to note that both rlogin and rsh have significant security concerns, as they rely on trust-based authentication mechanisms that can be easily exploited. The authentication is primarily based on the user's hostname and IP address, which can be spoofed. Moreover, these utilities transmit data, including login credentials and command output, unencrypted over the network, making them susceptible to eavesdropping.
As a result, the use of rlogin and rsh has been largely replaced by more secure alternatives, such as SSH (Secure Shell), which provides encrypted communication and strong authentication mechanisms. SSH offers similar functionality through commands like ssh (for remote login) and ssh remote_host command (for remote command execution).
This group of network services goes under the names login and exec in /etc/services. They are an alternative method of providing remote access to your machine. Time does not allow for an in-depth discussion of these commands, but a host of security considerations are involved in using them. Make sure they are disabled in /etc/inetd.conf unless you intend to allow them. The well-known port numbers for these services are 512 and 513. The daemons are called in.rexecd and in.rlogind.

rlogin and rsh commands

The rlogin and rsh commands are the generic members of the Berkeley r family of programs that allow remote access to a host. To complement these, a small number of specific remote commands were also defined. These are essentially remote versions of some of the more common UNIX functions instead of the command being applied to only one system, however, it is used between two systems or across all systems on a TCP/IP network.
All of these commands are based on rlogin the same way that rsh is. They work in the same way, but instead of opening up a session or passing a user-specified command to the remote host, they execute a particular function. The following are the most common of these remote commands and briefly, how each is used:
  1. Remote Copy (rcp): This is the remote version of the UNIX copy (cp) command; it allows a file to be copied between the local host and the remote host, or between two remote hosts. The usual syntax is basically the same as the regular cp command, but the source and/or destination is specified as being on a remote host.
  2. The rcp command can be used in a manner similar to FTP, but is much simpler and less capable. Or to put it another way: rcp is to FTP, what rlogin is to Telnet.
  3. Remote Uptime (ruptime): The UNIX command uptime is used to display how long a computer has been running since it was last booted, along with information related to its current load. ruptime is the remote version of this command; it displays the current status of each machine on the network (up or down), how long each up machine has been up since its last boot, and its load statistics.
  4. Remote Who (rwho): This is the remote version of the who command. Where who shows all the users logged on to the host where it is run, rwho shows all users logged on to all machines on the network.
The ruptime and rwho commands both rely on the presence of the rwhod (remote who daemon) running in the background on networked machines. These processes routinely share information with each other about host uptime and who is logged on to each system, so it can be quickly displayed when either ruptime or rwho is run. On some operating systems, other remote commands may also be implemented. As with rlogin and rsh, security issues may apply to these commands, and there may be efficiency concerns with others (such as rwho). For these reasons, on many networks these commands are no longer used.

Linux System Administration