(rshd project summary)
rshd is a multithreaded daemon service that listens for connections on port 514 (tcp port for the shell/cmd protocol), runs commands passed by clients and sends back the results. It was my experience that the rshd service included in the Windows NT Resource Kit does not fully follow the BSD specification for the rsh protocol; it works fine with the rsh client in NT, but other clients fail to connect.
This implementation of rshd tries to get as close as possible to the BSD specs (http://www.bsdi.com) and comes with RCP server support.
Important note: rshd was designed and implemented to be convenient and reliable, rather than tightly secure. A client trying to connect to rshd will have to pass a security clearance process, but rshd is probably far from a secure service. If security is of major concern across your network, you should be very careful when using this service. My target for rshd was a closed network, or a network guarded by a firewall.
This rshd implementation based on package written by Silviu C. Marghescu
(http://home.us.net/~silviu/) and updated by Ilya Evseev (http://www.csa.ru/~il/rsh/)
, Gary Doss (firstname.lastname@example.org),
Mike Dubman and Julia Khavich.
Build it: ..using Visual C++: cl rsh.cpp advapi32.lib wsock32.lib
-d enables debugging messages and allows you to run rshd as a command line process. Good for those days when nothing works... -1 no stdout redirection. By default, rshd will redirect the output of your command into a temporary file and send the result back thru the client socket. If however you are not interested in the output, or the commandis already redirected, this option will prevent stdout redirection. Note that the option is global, meaning it will disable redirection regardless of the commands you're passing... -2 no stderr redirection. Same as '-1', but for stderr. At this point it should be noted that under the BSD rshd specification, the client can pass an auxillary tcp port number that the daemon can use to send the stderr output back. The rshd will connect to that port if provided and send back the stderr, unless this option is given. If no alternative stderr port is provided, rshd will use the main socket for both stdout and stderr. -4 4DOS command shell. Different shells and different operating systems have different ways of redirecting output, especially for the standard error stream. rshd was tested in the following configurations: CMD.EXE and 4NT.EXE on Windows NT; COMMAND.COM and 4DOS.COM on Windows 95. If you're running 4DOS on Windows 95, make sure you set the '-4' command parameter, otherwise the stderr redirection will fail. -s stronger security enabled. By default, when the client credentials can't be checked, rshd assumes it to be friendly and runs the command. If that creates security concernes, this option will accept the connection to a client only if everything checks out. -r no rhosts checking. Per BSD rshd specification, rshd loads the <windir>\rhosts file and builds a list of trusted hosts. You can use "+" as a content of "rhosts" file to allow connections from ANY hosts. Any further connections will be accepted only from a host in the list. '-r' disables this checking. Note that this is a major security issue: if your network is not closed or guarded by a firewall, anybody can connect thru the rsh protocol and run commands on your machines. Use this option only if you know exactly who is running what across your network! -v displays the rshd version.
-install Install rshd as windows service -remove Remove rshd windows service -h help screen.
RCP usage: Valid rcp requests are in the form: rcp -t [-d] [-r] [-p] target rcp -f [r] [-p] target NOTE: The -p option is being ignored since there is not a good correlation between UNIX and NT when it comes to file permissions and ownership.
Known problems ============== Some rsh clients open an additional connection for the stderr output. There is a known problem/feature in Microsoft's implementation of TCP/IP that causes closed connections to linger on for 2 maximum segment lives (4 minutes). Within the timeout period, the local port is unusable. For this reason, rshd has a mechanism for port resolution that tries to assign local ports in a round-robin fashion. It is not a clean solution, but it works for the time being (there is still a problem if rshd is restarted, since it begins assigning ports from 1023; if those ports are taken by TIME_WAIT connections, they'll be unusable). A way of reducing the timeout period to less than 4 minutes is described in Microsoft's Knowledge Base article Q149532:There is a file included in rshd distribution, called: TcpTimedWaitDelay.reg You may want to run it and this will update the registry with reduced timeout value.
In order to install rshd as windows service, run:
You can also pass additional command line options after "-install" parameter that will be used to start rshd as service, for example:
This command will install rshd as service and "-r" command line parameter will be used when service starts (-r = disable rhosts file checks)
You may also want to
To install previously installed rshd service, just issue:
The "rshd -d" will do the trick - this will start rshd as standalone daemon.