The Remote Shell Protocol

I'm trying to connect a device using the RSH (Remote Shell) protocol. So naturally I googled it. Well... it didn't bring up any useful results. Every time you try to find some information about the RSH protocol, all you get is a warning that RSH is insecure and should not be used; SSH should be used instead. Fine, but I'm trying to use RSH here... So, OK, here's what I guessed from a Wireshark dump of an RSH session:
  1. The client opens a TCP server port for stderr and starts listening on it.
  2. The client opens a TCP client port to the RSH host, on port 514.
  3. The client sends a string representing the stderr port in decimal, followed by a NULL. Apparently, this port may be empty, meaning no stderr report.
  4. The client sends the identity of the local user (i.e. the user logged on to the client machine), followed by a NULL.
  5. The client sends the identity of the remote user (i.e. the user to be logged on to the server machine), followed by a NULL.
  6. The client sends the command to be executed, followed by a NULL.
  7. The server sends something (don't know what yet, maybe the exit code), followed by a NULL.
  8. The server sends the contents of stdout.
  9. Someone (who?) closes the port.

OK, I've found a spec: http://linux.die.net/man/8/rshd

Remaining questions
  • How is stdin/stdout handled?
    • Apparently the following characters in the TCP stream are the stdin of the running app.
  • How is it possible to receive the return code before stdout? That would mean the program cannot be interactive.
    • OK, the first null is just a flag, and no error level is returned.

Interesting additional information
  • Apparently, the client must use a TCP port below 1023. 1022 seems a good choice for stderr, and 1023 for the main client port.
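
The framing described above can be checked against a capture with a small parser. This is an added example, not code from the original page: the names `RshRequest`, `parse_client_stream` and `split_server_stream` are hypothetical, and the sample bytes are constructed rather than taken from a real session. It assumes the two directions of the TCP stream have already been reassembled separately.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed sample bytes (not from a real capture).
SAMPLE_CLIENT = b"1022\x00alice\x00bob\x00cat\x00hello\n"
SAMPLE_SERVER = b"\x00hello\n"


@dataclass
class RshRequest:
    stderr_port: Optional[int]  # None when the port field is empty (step 3)
    local_user: str             # step 4
    remote_user: str            # step 5
    command: str                # step 6
    stdin: bytes                # bytes after the fourth NUL, fed to the command


def parse_client_stream(data: bytes) -> RshRequest:
    """Split the client-to-server byte stream of one connection to port 514."""
    fields = data.split(b"\x00", 4)
    if len(fields) < 5:
        raise ValueError("incomplete handshake: expected four NUL-terminated fields")
    port_raw, local_user, remote_user, command, stdin = fields
    if port_raw == b"":
        stderr_port = None
    elif port_raw.isdigit() and int(port_raw.decode("ascii")) <= 65535:
        stderr_port = int(port_raw.decode("ascii"))
    else:
        raise ValueError(f"stderr port is not a decimal TCP port: {port_raw!r}")
    return RshRequest(
        stderr_port,
        local_user.decode("latin-1"),
        remote_user.decode("latin-1"),
        command.decode("latin-1"),
        stdin,
    )


def split_server_stream(data: bytes) -> Tuple[int, bytes]:
    """Return (flag byte, stdout bytes) from the server-to-client stream."""
    if not data:
        raise ValueError("empty server stream")
    return data[0], data[1:]


if __name__ == "__main__":
    print(parse_client_stream(SAMPLE_CLIENT))
    print(split_server_stream(SAMPLE_SERVER))
```

Every field, including both user names and the command, is read straight from the cleartext stream, so the same parser works on any passive capture of the session.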


Last edited Nov 23, 2009 at 10:48 AM by sleclercq, version 3
