TELNET and Rlogin
Download
Report
Transcript TELNET and Rlogin
TELNET and Rlogin
D 24 - (1 of 40)
Outline:
TELNET and Rlogin
• Remote Interactive
Applications:
–
–
–
–
TELNET
Protocol
Pseudo Terminal
Network Virtual Terminal
• Accommodating
Heterogeneity between
Different Systems.
• Controlling the Remote Device
• TELNET Options
• Terminal Types
• Remote Commands in UNIX
• Application Sessions
• Tools Available on the
Internet:
–
–
–
–
–
–
–
–
Traceroute
Ping
Tracecon
Finger
Whois
Netfind
Ph
Lookup
D 24 - (2 of 40)
Remote Interactive Applications:
• Client / Server Applications:
– Interactive remote computing applications
allow users to connect to and control remote
machines as if they were actually there.
– All operating system commands and functions
can be utilized when remotely logging in.
– Restrictions only exist when displaying video
output to a remote terminal (video port
redirection).
D 24 - (3 of 40)
Remote Interactive Applications:
• Users have access to all the commands available
on the remote system without needing to provide
specialized servers.
• Interactive software tends to be more complex
since things should be handled in real-time
(control character sequences, echo input to the
local screen, etc.)
D 24 - (4 of 40)
Remote Interactive Applications:
• Clients usually override the local interpretation of
all keys except the “Escape” key.
• This is to allow a user to truly control a remote
machine as if they were sitting in front of it.
• Problems do arise, however, when client
applications fail to map all control commands to
the appropriate remote commands.
D 24 - (5 of 40)
TELNET Protocol:
• TELNET - A simple (standard) remote terminal
protocol which:
– Passes keystrokes.
– Carries output to the client.
– Provides a transparent service (appears as if we
are directly attached to the destination
machine).
D 24 - (6 of 40)
TELNET Protocol:
• TELNET provides three basic services:
– Defines the Network Virtual Terminal (NVT)
standard interface to remote systems (clients are
built to the interface).
– Provides a set of standard options (7-bit or 8-bit
ASCII character sets) and option negotiation.
– Treats both ends of the connection
symmetrically (either program can become a
client).
D 24 - (7 of 40)
TELNET:
Pseudo Terminal
• Pseudo Terminal:
– Is an entry point in the operating system (O.S.)
that allows a running program (like the
TELNET server) to transfer characters to the
O.S. as if they came from a terminal.
– The O.S. is required to support this, if TELNET
is to be an application-level service.
D 24 - (8 of 40)
Image source: Internetworking with TCP/IP vol I
(1995 Prentice Hall, Douglas Comer)
D 24 - (9 of 40)
TELNET:
Network Virtual Terminal
• Network Virtual Terminal (NVT):
– Is defined by TELNET to accommodate
heterogeneity among computer systems.
– It handles different computers and operating
systems by defining how data and command
sequences are sent across the Internet.
D 24 - (10 of 40)
TELNET:
Network Virtual Terminal
• The network virtual terminal specifies that Telnet
must communicate using 8-bit bytes (1 octet).
• It uses the standard 7-bit US-ASCII representation
of data and reserves bytes with the high-order bit
set for command sequences.
D 24 - (11 of 40)
Network Virtual Terminal (NVT):
user’s
I/O
device
Client
Client System format used
TCP connection
across internet
NVT format used
Server
Server’s
System
Server System format used
D 24 - (12 of 40)
Accommodating Heterogeneity
between Different Systems:
• Since the NVT accommodates different systems
and terminal types, it must also treat common
control sequences in a generalized fashion.
• To accommodate line termination in a standard
way, the NVT uses a combination of the two
common characters (Carriage Return and Line
Feed).
• Therefore, it uses a two character sequence of
CR-LF for line termination.
D 24 - (13 of 40)
Accommodating Heterogeneity
between Different Systems:
• The NVT accommodates control functions by
defining how they are passed from client to server.
• It defines a conceptual “interrupt” key that
requests termination of the most recent command.
• When an “interrupt” sequence character is found,
the previous command is terminated.
D 24 - (14 of 40)
NVT Interpretation of
US-ASCII Control Characters.
ASCII Control Code Decimal Value
Assigned Meaning
NUL
0
No operation
BEL
7
Bell sound
BS
8
Move left one position
LF
10
Move down (vertically)
VT
11
FF
12
Move down to next vertical
tab
Move to top of next page
CR
13
Move to left margin on
current line.
D 24 - (15 of 40)
Controlling the Remote Device:
• NVT keeps control commands separate from
normal ASCII character sets, for two reasons:
– Greater flexibility - transfer all ASCII character
sequences as well as all possible control
functions.
– Avoids signal ambiguity - client specifies the
signals, so there is no confusion on how to treat
input characters.
D 24 - (16 of 40)
Control Functions used by NVT:
Signal
Meaning
IP
Interrupt Process (terminate)
AO
Abort Output (flush buffer)
AYT
Are You There? (server test)
EC
Erase Character (delete previous)
EL
Erase Line (delete current line)
SYNCH
Synchronize
(clear data path until TCP urgent data point)
Break (break key)
BRK
D 24 - (17 of 40)
Controlling the Remote Device:
• The IAC (Interpret as Command) octet:
– Is a reserved byte of information which
indicates a control code octet follows in the
data stream.
– It signifies the beginning of an “escape
sequence”
– It is denoted by decimal code 255.
– When IAC is meant to appear as data, the
sender doubles it (IAC-IAC).
D 24 - (18 of 40)
Telnet Encoded Commands:
Command Decimal Encoding
Meaning
DON’T
254
Deny option request
DO
253
Approval of option request
WON’T
252
Refuse option request
WILL
251
Option agreement
GA
249
“Go Ahead” signal
IP
244
“Interrupt Process” signal
BRK
243
“Break” signal
D 24 - (19 of 40)
Out-of-Band Signaling
in TELNET:
• TELNET cannot rely on conventional data streams
alone for control sequences, because misbehaving
applications that need controlling might
inadvertently block the data stream.
• To truly handle control sequences, TELNET uses
Out-of-Band signaling where the URG bit is set in
the TCP segment used to send it.
D 24 - (20 of 40)
TELNET Options:
• TELNET option negotiation is done between the
client and server:
– Half or Full Duplex mode.
– The remote machine determines the user’s
terminal type.
– The “I think you are using a VT100 terminal”
message is common.
D 24 - (21 of 40)
TELNET Options:
• Telnet normally uses a 7-bit data stream and uses
the highest-order (8th bit) to pass control
information.
• Using option negotiation, Telnet can also use an 8bit data character set.
• In the case of 8-bit data sets:
– Both ends must agree to use 8-bit data.
– The IAC control command must always be
doubled because of In-band signaling.
D 24 - (22 of 40)
TELNET Options:
• Either end of the connection (client or server) can
request options.
• This interaction is symmetric (with respect to
option negotiation), to allow reconfiguration of
their interactions.
D 24 - (23 of 40)
Terminal Types:
• Many terminal types exist. Telnet and the NVT,
through option negotiation, allow the client and
server to agree on the specific terminal emulation
to use.
• Terminal emulation types include:
– VT100
– VT220
– ANSI
D 24 - (24 of 40)
Terminal Types:
• Extensions have been made to the Telnet protocol
to provide terminal emulation of proprietary
interfaces and displays.
• Support for IBM 3270 terminal displays was
added through several RFCs (1041, 1576, 1646,
1647) and the tn3270 program.
• OSI application-layer protocols also exist to
provide remote terminal connectivity.
D 24 - (25 of 40)
Remote Commands in UNIX:
• Rlogin (Remote Login):
– 4.3 BSD UNIX remote login service that
supports trusted hosts (automatic
authorization).
– If not explicitly denoted, Rlogin attempts to
login a user on the destination machine using
the same user name and password as the source.
D 24 - (26 of 40)
Remote Commands in UNIX:
• Rsh (remote shell):
– Invokes a command interpreter on the remote
UNIX machine.
– And passes any command line arguments to the
command interpreter, skipping the login step
completely.
rsh machine command
D 24 - (27 of 40)
Remote Commands in UNIX:
• Rsh does not ask for a password, so it can be used
in programs as well as from the keyboard.
• This may be a security issue at certain sites, so
administrators may not allow executing programs
to utilize this command..
D 24 - (28 of 40)
Remote Commands in UNIX:
• Rlogin understands UNIX notions of standard
input, standard output, and standard error as well
as terminal control functions (understands both
local and remote computing environments).
• For this reason, it communicates better than
general purpose remote login protocols (like
TELNET).
D 24 - (29 of 40)
Application Sessions:
• “Sessions” are used with remote login protocols
and file transfer protocols (FTP).
• A session is established during connection and
dictated by which side transmits at which time.
• Session control is embedded within TCP/IP
application protocols (unlike OSI protocols where
it resides in the ‘session layer’).
D 24 - (30 of 40)
Tools Available on the Internet:
Traceroute
• Traceroute - A debugging tool used to send test
packets to each hop found along an Internet path
and determine the amount of time required for
each.
• Traceroute at Paris:
(http://hplyot.obspm.fr/cgi-bin/nphtraceroute?hertz.njit.edu)
• Traceroute at Brownell:
(http://www.brownell.edu/cgibin/traceroute.bt?hertz.njit.edu)
• Traceroute at MIT:
D 24 - (31 of 40)
Tools Available on the Internet:
Ping
• Ping sends a packet to a remote or local host,
requesting an echo:
– If the echo is returned, the site is up.
– If the echo is not returned, it can indicate that
the site is down or there is some other problem.
• Ping at SMSI:
(http://www.smsi.com/cgi-bin/ping)
• Ping at UK:
(http://js.stir.ac.uk/jsbin/wwping)
D 24 - (32 of 40)
Tools Available on the Internet:
Tracecon
• Tracecon can give you a thorough summary of
your TCP/IP connection:
– This site will automatically determine what
your IP address is, and do diagnostic functions
based on it.
– The diagnosis may show a different IP address
if your site has a firewall installed.
• Network diagnosis from your IP address:
(http://www.wiskit.com/cgi-bin/tracecon)
D 24 - (33 of 40)
Tools Available on the Internet:
Finger
• Finger - can help you to find an email address or
correct an undeliverable or looping message:
– Finger hits a user’s account and displays the
“.plan” file (if available).
• Finger Gateway at Indiana:
(http://www.cs.indiana.edu/finger/gateway)
• Finger Gateway at St. Andrews:
(http://bute.st-andrews.ac.uk:8080/~www_sa/personal/finger.cgi)
• Finger Gateway at NASA:
(http://eos.nasa.gov/cgi-bin/finger)
D 24 - (34 of 40)
Tools Available on the Internet:
Whois
• Whois - provides information on registered
computer network users, domains, and
organizations:
– It can help you to find email addresses and host
and domain names.
• Whois Gateway at St. Louis:
(http://biogopher.wustl.edu:70/7/email/uwho_frm)
• Whois at Germany:
(http://www.th-darmstadt.de/cgi-bin/whois.old)
D 24 - (35 of 40)
Tools Available on the Internet:
Netfind
• Netfind - will provide email addresses and login
ID information. It is similar to Finger.
– You need both the user ID and host name to use
netfind.
• Netfind Gateway at Internic:
(gopher://ds.internic.net:4320/7netfind%20dblookup)
• Netfind at Nova:
(gopher://cs4sun.cs.ttu.edu:4320/7netfind%20dblookup)
D 24 - (36 of 40)
Tools Available on the Internet:
Ph
• Ph - can provide information on email and snail
mail addresses and phone numbers:
– Searches are usually limited to local
information (or institutions listed by the on-line
service below).
– When searching, try using both the full name
and the last name.
• Ph at NCSA:
(http://fiaker.ncsa.uiuc.edu:8080/cgi-bin/phfd)
D 24 - (37 of 40)
Tools Available on the Internet:
Lookup
• Lookup service - provides a speedy and robust
search engine, spanning the capabilities of many
directory resources.
– Membership is required: provide first name,
last name, and partial email address.
• Membership page:
(http://www.lookup.com/lookup/member.html)
• Already a member:
(http://www.lookup.com)
D 24 - (38 of 40)
Questions
TELNET and Rlogin
• Give your reasoning why you feel there are so
many different terminal types and control
sequences.
• Could the Network Virtual Terminal simply be
used by all terminal applications and avoid the
need of conversion/types?
• What type of information does the Traceroute
program provide to a network administrator?
• How do Telnet and Rlogin differ?
D 24 - (39 of 40)
• What purpose is served by the pseudo-terminal?
Reference Materials
TELNET and Rlogin
• IEN 148 (RFC-764) TELNET PROTOCOL:
(http://www.cis.ohio-state.edu/htbin/ien/ien148.html)
• RFC 854: Telnet Protocol
(http://www.cis.ohio-state.edu/htbin/rfc/rfc854.html)
• TCP/IP Illustrated, Vol 1: W. Richard Stevens.
• Internet User Troubleshooting:
(http://www.iac.net/~othello/)
• RFC 1282: BSD Rlogin
(http://www.cis.ohio-state.edu/htbin/rfc/rfc1282.html)
•
RFC 1576: TN3270 Current Practices
(http://www.cis.ohio-state.edu/htbin/rfc/rfc1576.html)
D 24 - (40 of 40)