The Berkeley r-commands are a

suite Suite may refer to: Arts and entertainment *Suite (music), a set of musical pieces considered as one composition ** Suite (Bach), a list of suites composed by J. S. Bach ** Suite (Cassadó), a mid-1920s composition by Gaspar Cassadó ** ''Suite' ...

computer program A computer program is a sequence or set of instructions in a programming language for a computer to execute. Computer programs are one component of software, which also includes documentation and other intangible components. A computer progra ...

s designed to enable users of one

Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, a ...

system to

log in In computer security, logging in (or logging on, signing in, or signing on) is the process by which an individual gains access to a computer system by identifying and authenticating themselves. The user credentials are typically some form ...

or issue

commands Command may refer to: Computing * Command (computing), a statement in a computer language * COMMAND.COM, the default operating system shell and command-line interpreter for DOS * Command key, a modifier key on Apple Macintosh computer keyboards * ...

to another

computer via

TCP/IP The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the suit ...

computer network A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. These interconnections ar ...

. The r-commands were developed in 1982 by the

Computer Systems Research Group The Computer Systems Research Group (CSRG) was a research group at the University of California, Berkeley that was dedicated to enhancing AT&T Unix operating system and funded by Defense Advanced Research Projects Agency. History Professor B ...

at the

University of California, Berkeley The University of California, Berkeley (UC Berkeley, Berkeley, Cal, or California) is a public land-grant research university in Berkeley, California. Established in 1868 as the University of California, it is the state's first land-grant u ...

, based on an early implementation of

(the

protocol stack The protocol stack or network stack is an implementation of a computer networking protocol suite or protocol family. Some of these terms are used interchangeably but strictly speaking, the ''suite'' is the definition of the communication protoco ...

of the

Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a ''internetworking, network of networks'' that consists ...

). The CSRG incorporated the r-commands into their

operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ef ...

, the

Berkeley Software Distribution The Berkeley Software Distribution or Berkeley Standard Distribution (BSD) is a discontinued operating system based on Research Unix, developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Ber ...

(BSD). The r-commands premiered in BSD v4.1. Among the programs in the suite are: (remote copy), (remote

execution Capital punishment, also known as the death penalty, is the state-sanctioned practice of deliberately killing a person as a punishment for an actual or supposed crime, usually following an authorized, rule-governed process to conclude that t ...

), (remote

login In computer security, logging in (or logging on, signing in, or signing on) is the process by which an individual gains access to a computer system by identifying and authenticating themselves. The user credentials are typically some form ...

), (remote

shell Shell may refer to: Architecture and design * Shell (structure), a thin structure ** Concrete shell, a thin shell of concrete, usually with no interior columns or exterior buttresses ** Thin-shell structure Science Biology * Seashell, a hard o ...

), , , and (remote

who Who or WHO may refer to: * Who (pronoun), an interrogative or relative pronoun * Who?, one of the Five Ws in journalism * World Health Organization Arts and entertainment Fictional characters * Who, a creature in the Dr. Seuss book ''Horton Hear ...

). The r-commands were a significant innovation, and became ''de facto'' standards for Unix operating systems. With wider public adoption of the Internet, their inherent security vulnerabilities became a problem, and beginning with the development of

Secure Shell The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based ...

protocols and applications in 1995, its adoption entirely supplanted the deployment and use of r-commands (and Telnet) on networked systems.

Authentication

The original Berkeley package that provides rlogin also features rcp (remote-copy, allowing files to be copied over the network) and rsh (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and .rhosts access-control scheme (although they connect to a different daemon, rshd).

Commands

rlogin

enables a user to log in on another server via

, using TCP network port 513. rlogin is also the name of the

application layer An application layer is an abstraction layer that specifies the shared communications protocols and interface methods used by hosts in a communications network. An ''application layer'' abstraction is specified in both the Internet Protocol ...

protocol used by the software, part of the

protocol suite. Authenticated users can act as if they were physically present at the computer. RFC 1282, in which it was defined, states: "The rlogin facility provides a remote-echoed, locally flow-controlled virtual terminal with proper flushing of output." rlogin communicates with a

daemon Daimon or Daemon (Ancient Greek: , "god", "godlike", "power", "fate") originally referred to a lesser deity or guiding spirit such as the daimons of ancient Greek religion and mythology and of later Hellenistic religion and philosophy. The wo ...

, rlogind, on the remote host. rlogin is similar to the

Telnet Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet cont ...

command, but is not as customizable and is able to connect only to Unix-like hosts.

rsh

rsh opens a

on a remote computer without a

login In computer security, logging in (or logging on, signing in, or signing on) is the process by which an individual gains access to a computer system by identifying and authenticating themselves. The user credentials are typically some form ...

procedure. Once connected, the user can execute commands on the remote computer through the shell's command-line interface. rsh passes input and output through the

standard streams In computer programming, standard streams are interconnected input and output communication channels between a computer program and its environment when it begins execution. The three input/output (I/O) connections are called standard input (stdin ...

, and it sends

standard output In computer programming, standard streams are interconnected input and output communication channels between a computer program and its environment when it begins execution. The three input/output (I/O) connections are called standard input (stdin ...

to the user's console. Over the network,

standard input In computer programming, standard streams are interconnected input and output communication channels between a computer program and its environment when it begins execution. The three input/output (I/O) connections are called standard input (stdin ...

and standard out flow through TCP port 514, while

Standard Error The standard error (SE) of a statistic (usually an estimate of a parameter) is the standard deviation of its sampling distribution or an estimate of that standard deviation. If the statistic is the sample mean, it is called the standard error ...

flows through a different TCP port, which the rsh

(rshd) opens.

rexec

Like rsh, rexec enables the user to run shell commands on a remote computer. However, unlike the rsh server, the rexec server (rexecd) requires login: it authenticates users by reading the username and password (unencrypted) from the

network socket A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programmin ...

. rexec uses TCP port 512.

rcp

rcp can copy a file or directory from the local system to a remote system, from a remote system to the local system, or from one remote system to another. The command line

arguments An argument is a statement or group of statements called premises intended to determine the degree of truth or acceptability of another statement called conclusion. Arguments can be studied from three main perspectives: the logical, the dialectic ...

of cp and rcp are similar, but in rcp remote files are prefixed with the name of the remote system: rcp file.txt subdomain.domain:~/home/foo/file.txt As with the Unix copy command cp, rcp overwrites an existing file of the same name in the target; unlike cp, it provides no mechanism for warning the user before overwriting the target file. Like rsh, rcp uses TCP port 514.

rwho

Just as the

command lists the users who are logged in to the local Unix system, rwho lists those users who are logged into all

multi-user Multi-user software is computer software that allows access by multiple users of a computer. Time-sharing systems are multi-user systems. Most batch processing systems for mainframe computers may also be considered "multi-user", to avoid leaving ...

Unix systems on the local network. rwho's daemon, rwhod, maintains a database of the status of Unix systems on the local network. The daemon and its database are also used by the ruptime program.

rstat

rstat returns performance statistics from the kernel.

ruptime

Just as the command shows how long a Unix system has been running since the last restart, requests a status report from all computers on the local network. It then returns the uptime report. If a computer did not respond within the time limit, then ruptime reports that the system is

down Down most often refers to: * Down, the relative direction opposed to up * Down (gridiron football), in American/Canadian football, a period when one play takes place * Down feather, a soft bird feather used in bedding and clothing * Downland, a ty ...

. This information is tracked and stored by the daemon rwhod, which is also used by the rwho command.

Security

Those r-commands which involve user authentication (rcp, rexec, rlogin, and rsh) share several serious security vulnerabilities: * All information, including passwords, is transmitted unencrypted (making it vulnerable to interception). * The .rlogin (or .rhosts) file is easy to misuse. They are designed to allow logins without a

password A password, sometimes called a passcode (for example in Apple devices), is secret data, typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but the large number of ...

, but their reliance on remote usernames, hostnames, and IP addresses is exploitable. For this reason many corporate system administrators prohibit .rhosts files, and actively scrutinize their networks for offenders. * The protocol partly relies on the remote party's rlogin client to provide information honestly, including source port and source host name. A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of

authenticating Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...

other machines' identities, or ensuring that the requesting client on a trusted machine is the real rlogin client. * The common practice of mounting users' home directories via NFS exposes rlogin to attack by means of fake .rhosts files - this means that any of NFS's security faults automatically plague rlogin. Due to these problems, the r-commands fell into relative disuse (with many Unix and

Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which i ...

distributions no longer including them by default). Many networks that formerly relied on rlogin and telnet have replaced them with SSH and its rlogin-equivalent ''slogin''.

Notes

References

External links

* , BSD Rlogin (1991) * * * {{Unix commands Internet protocols Internet Standards Unix network-related software