Windows Implementation of RSHD

(rshd project summary)

  1. Overview
  2. rshd command line options
  3. Installing rshd as windows service
  4. Uninstalling rshd windows service
  5. Running rshd in standalone mode (debug)
  6. Download rshd


rshd is a multithreaded daemon service that listens for connections on port 514 (tcp port for the shell/cmd protocol), runs commands passed by clients and sends back the results. It was my experience that the rshd service included in the Windows NT Resource Kit does not fully follow the BSD specification for the rsh protocol; it works fine with the rsh client in NT, but other clients fail to connect.

This implementation of rshd tries to get as close as possible to the BSD specs ( and comes with RCP server support. 

Important note: rshd was designed and implemented to be convenient and reliable, rather than tightly secure. A client trying to connect to rshd will have to pass a security clearance process, but rshd is probably far from a secure service. If security is of major concern across your network, you should be very careful when using this service. My target for rshd was a closed network, or a network guarded by a firewall.

This rshd implementation based on package written by Silviu C. Marghescu ( and updated by Ilya Evseev ( , Gary Doss (, Mike Dubman and Julia Khavich.

Build it: ..using Visual C++: cl  rsh.cpp advapi32.lib wsock32.lib


Back to Top

rshd command line options

-d 	enables debugging messages and allows you to run rshd as a command line process. Good 
   	for those days when nothing works...

-1 	no stdout redirection. By default, rshd will redirect the output of your
   	command into a temporary file and send the result back thru the client
   	socket.  If however you are not interested in the output, or the commandis already redirected, this option will prevent stdout redirection.
   	Note that the option is global, meaning it will disable redirection
	regardless of the commands you're passing...

-2	no stderr redirection.  Same as '-1', but for stderr.  At this point it
	should be noted that under the BSD rshd specification, the client can pass
	an auxillary tcp port number that the daemon can use to send the stderr
	output back.  The rshd will connect to that port if provided and send
	back the stderr, unless this option is given.  If no alternative stderr port
	is provided, rshd will use the main socket for both stdout and stderr.

-4  	4DOS command shell.  Different shells and different operating systems have
    	different ways of redirecting output, especially for the standard error stream.
    	rshd was tested in the following configurations: CMD.EXE and 4NT.EXE on
    	Windows NT; COMMAND.COM and 4DOS.COM on Windows 95.  If you're running 4DOS
    	on Windows 95, make sure you set the '-4' command parameter, otherwise the
    	stderr redirection will fail.

-s	stronger security enabled.  By default, when the client credentials can't
	be checked, rshd assumes it to be friendly and runs the command.  If that
	creates security concernes, this option will accept the connection to a client
	only if everything checks out.
-r	no rhosts checking.  Per BSD rshd specification, rshd loads the
	<windir>\rhosts file and builds a list of trusted hosts.
	You can use "+" as a content of "rhosts" file to allow 
	connections from ANY hosts.
	Any further connections will be accepted only from a host in the
	list.  '-r' disables this checking.  Note that this is a major security
	issue: if your network is not closed or guarded by a firewall, anybody
	can connect thru the rsh protocol and run commands on your machines.
	Use this option only if you know exactly who is running what across your

-v	displays the rshd version.
-install Install rshd as windows service
-remove  Remove rshd windows service

-h  	help screen.
RCP usage:
    Valid rcp requests are in the form:
         rcp -t [-d] [-r] [-p] target 
         rcp -f [r] [-p] target
    NOTE:  The -p option is being ignored since there is not a good
           correlation between UNIX and NT when it comes to file
           permissions and ownership.
Known problems

Some rsh clients open an additional connection for the stderr output.  There is a 
known problem/feature in Microsoft's implementation of TCP/IP that causes closed
connections to linger on for 2 maximum segment lives (4 minutes).  Within the timeout 
period, the local port is unusable.  For this reason, rshd has a mechanism for port 
resolution that tries to assign local ports in a round-robin fashion.  
It is not a clean solution, but it works for the time being (there is still a problem
if rshd is restarted, since it begins assigning ports from 1023; if those ports are
taken by TIME_WAIT connections, they'll be unusable).  A way of reducing the timeout
period to less than 4 minutes is described in Microsoft's Knowledge Base article Q149532:
There is a file included in rshd distribution, called: TcpTimedWaitDelay.reg You may want to run it and this will update the registry with reduced timeout value.
Back to Top

Installing rshd as windows service

In order to install rshd as windows service, run: 

You can also pass additional command line options after "-install" parameter that will be used to start rshd as service, for example:

This command will install rshd as service and "-r"  command line parameter will be used when service starts (-r = disable rhosts file checks)

You may also want to 

Back to Top

Uninstalling rshd windows service

To install previously installed rshd service, just issue:

Back to Top

Running rshd in standalone mode

The "rshd -d" will do the trick - this will start rshd as standalone daemon.

Back to Top


Back to Top

SourceForge Logo

Copyright 2002 [SourceForge]. All rights reserved.
Revised: .