Transcript Chapter 25m
CH 25-Remote Login (TELNET,Rlogin) Xiaoying Cheng Yinghsuan Huang Chunli Yu Cheng Zhang Yi Zhang Introduction Remote login: – Login to one host and then remote login across the network to any other host Telnet: – A standard application. It works between hosts that use different operating systems. TELNET Protocol Allow a user to log into a computer across an internet. – – – Establish a TCP connection. Pass keystrokes from the user’s keyboard directly to the remote computer. Carry output from the remote machine back to the user’s screen. Transparent: user’s keyboard and display attach directly to the remote machine. TELNET Three Services 1 It defines a network virtual terminal that provides a standard interface to remote systems. 2 Telnet includes a mechanism that allows the client and server to negotiate options, and it provides a set of standard options. 3 Telnet treats both ends of the connection symmetrically. Thus , telnet allows an arbitrary program to become a client, either end can negotiate options. TELNET Client – Server Model Telnet client Terminal driver User at a terminal TCP/IP Telnet server TCP/IP TCP connection Login shell Pseudo-terminal driver How application programs implement a TELNET client and server Client sends To server Client reads From terminal User’s keyboard & display TELNET client Operating system Server receives From client Server sends to pseudo terminal TCP/IP internet TELNET server Operating system Pseudo terminal Pseudo terminal describe the OS entry point that allows a running program like the TELNET server to transfer characters to the operating system as if they came from a keyboard. Each slave server connects a TCP stream from one client to a particular pseudo terminal. Network Virtual Terminal (NVT) An imaginary device from which both ends of the connection, the client and the server, map their real terminal to and from. User’s Keyboard & display TCP connection across internet Client Client system format Server NVT format Server’s system Server system format NVT Format 7 – bit USASCII: – Each 7 – bit character is sent as an 8-bit byte with the high-order bit set to 0. An end-of-line is transmitted as 2-character sequence CR followed by a LF. Such as \r\n A carriage return is transmitted as 2character sequence CR followed by a NUL (byte of 0). Such as \r\0 Control Functions NVT as accepting input from a keyboard that can generate more than 128 possible characters. (Figure 25.4) To pass control functions across TCP connection, TELNET encodes them using escape sequence – IAC to indicate the next byte is the command byte. (Figure 25.5) 25.6 Forcing the Server to Read a Control Function Method: TELNET uses out of band signal – Problem ? misbehaving application causes server’s buffer to fill up, and block server – Solution? Control function, SYNCH command and data mark causes TCP to send a segment with URGENT DATA bit set to bypass flow control and reach server immediately. Server then will discard all data until data mark and resume normal processing. 25.7 TELNET options In TELNET , options are negotiable, the client and server can reconfigure their connection. – i.e. 7-bit or 8-bit data The range of TELNET options is wide: some extend the capabilities in major ways while others deal minor details. – P. 493, list of Telnet option. 25.8 TELNET Option Negotiation Symmetric: both of sides – Will X? Do/Don’t X. Different version communication – If don’t understand request, decline! 25.9 Rlogin (BSD UNIX) Trusted Hosts – administrators may choose a set of “trusted” machines which are shared and establish equivalences among user logins. One user, different login names in different machines without password. rsh – One variant rlogin. rsh diamond ls 25.9 Rlogin (BSD UNIX) cont. Advantage – rlogin understand both local and remote computing environments, they communicate better than TELNET. Unix stdin, stdout. Re-direction exports user’s environment to remote machine. Demo rlogin and rsh – Sun lab doesn’t fully support rsh. – Neither rlogin Telnet: is not Telnet only – telnet different port/protocol – Knowledge of TCP/IP Being a hacker?