Using the Shell class to script rlogin or rsh

General
1

I note that from “Terminal” on Mac OS I can “rsh” or “rlogin” into a system. Using the Xojo Interactive Shell demo I can issue commands and see the results on my local system. When I issue a command to remote shell to another system, I see the password prompt as expected…but I get not no responses from that point on. Sending the password or anything does not result in a data received event being fired. I should receive a successful login message…or at least an “invalid login” message from the remote server. I can remote shell into the same server and provide the required password just fine from Terminal. These systems are all internal…yes I know a secure shell would be a better (secure) connection method. I’ve tried to remote into multiple servers with the same result. I’m wondering if the escape sequence coming from the remote system to disable the echo (for passwords) is creating a problem?

2

I note that I am able to “telnet” and log into a remote system…and if I try to execute login/rsh from the system I telnet’ed into…it prompts for password and then apparently locks up the shell. Seems like unexpected behavior to me. I updated the demo project so i could force a shell poll on demand…and my shell class is getting no result from sending the password.

3

Don’t use rsh or telnet in 21th century. These protocols has no security. If you would be a good system administrator, you must disable these services on all systems. Use ssh instead.

4

Ok, now that we got the requisite “don’t do that” out of the way… These systems are on a private network and I completely expect they will be moved to ssh sooner than later… until that day arrives I really need to be able to command these systems to do my bidding. My current available communications channel is rsh and rlogin. I was hoping I could use the Xojo shell class to script a few simple commands…but I won’t get very far if I can’t get past the password prompt…and yes…I do have the appropriate password. I’m trying some rlogin options to try and deal with escape sequences…but I’m open to suggestions. Since I actually need an “interactive” session…I’m going with rlogin over rsh. Telnet (and ssh) is not currently an option (otherwise I’d be done already).

5

Some of these tools REQUIRE a TTY and the shell may not be set up that way

6

Yes, I’m concerned this may be the issue. It’s managed to outsmart me so far. I have another system that I can use to rlogin to the desired server… so I use the shell class to Telnet to that system successfully…and then I try to rlogin from there…and it still hangs. You would think that once I telnet to another system…the next system down the line wouldn’t have an issue with the TTY of my original system. I can see the processes on the system and they look rather ordinary to me. If I kill one of the rlogin processes my shell class sees the “interrupt” and resumes working normally for local commands. I know there are great ssh pluggins available – you would think these would have similar issues. Surprised there isn’t a dedicated rsh class…rather than use the shell class to rsh using system level tools.

7

A shout out to those that realize that ssh is the secure protocol of choice. When done properly, ssh communications are securely encrypted between the client and the server so that no-one can intercept the communications. We are moving towards this plan…however…this also makes it near impossible to have a man in the middle monitor what people are doing on the server. Who deleted that file? Who corrupted the database? What did somebody do on the server that created a problem? With “ssh”… your communications are kept private. We require a level of transparency on these internal systems precisely so we can find out exactly what communications transpired between client and server if there is a problem. None of these communications take place from the internet at large. Every keystroke is indeed purposefully intercepted and logged. This is more important at the moment than being concerned with somebody wire-sharking inside our own office.

8

Although I haven’t yet arrived at a viable solution to my problem, I would like to extend a sincere thank you to all the forum members that took time out of their schedule to read, consider, and perhaps even respond to my problem. Please know that it is truly appreciated. I always listen to any suggestion. You don’t know what I know about my use case, and I often don’t know…what I don’t know… Your ideas and suggestions often lead to a learning experience for me. I still welcome any additional thoughts and insight you care to share. Thank you again to the engaged Xojo developer community.

9

Have you tried echo-ing the password and piping it into the rsh command? That might get you past the login (although it is a security hole, but that may not be an issue with your setup). That said, a shell is very different from the Terminal, especially as there is no TTY and the environment doesn’t get the benefit of your login script. So you may have a hard time getting this to work in a shell.

10

Did you look into using SSH?

We have a plugin for SSH2:
http://www.monkeybreadsoftware.net/pluginpart-ssh2.shtml

11

You might want to have a look on this: http://www.openssh.com/

12

@Tim H. - I tried the echo method to send in the password. “rlogin” really doesn’t like that apparently. I can’t even make that work from Terminal. I’m surprised. – no idea why. I figure if my problem is that I’m not a “tty” (even though a “ps” seems to indicate I am a tty) — I thought I’d try a few other tricks to turn a shell into a TTY. I was able to deploy a few different means to make myself a TTY which seemed successful - but “rlogin” still wouldn’t play ball with them. I tried setting my TERM type with an “export” command before connecting. No help. I decided to turn off the textbox updates during rlogin in case it was some rogue escape sequence that made my textbox refuse to update or something. No help. I was able to determine that my shell was not budging even though I wasn’t displaying anything. I note that rlogin actually creates TWO processes and somehow it hooks them into stdin and stdout of the calling process. The issue must be there somewhere. I would prefer to use SSH and Christian’s’ Plugin, SSH connections are currently firewalled (so that nobody can send un-monitored commands to these servers). I’m working with our network group to enable SSH connections from this one particular IP-address which performs automated tasks but getting our unusual security policy changed for these servers isn’t a trivial matter. I’ve got a few more “fun” things to try. I’m going to turn this process into a web -app and see if that makes any difference.

13

Ok…I finally was able to get an expect script to log me in. Woot! Now I just need to parameterize the password and stuff…
If you are curious or have this same issue some day… here is my test expect script…
#!/usr/bin/expect -f

set timeout -1
spawn $env(SHELL)
match_max 100000
expect "\$ "
send – "rlogin -l username 123.456.789.10\r”
expect -exact "rlogin -l username 123.456.789.10\r
Password: "
send – “mYp@55w0rd\r”
expect "\$ "
send – “uname -a\r”
expect "\$ "
interact
expect eof

Once i execute this…it logs me into the remote server and goes into “interact” state where I can pass in additional commands for the remote server and eventually exit out when I’m done. (exit twice…once for the remote server…and once for the spawned shell)

Again thank you to everyone here for your ideas. Using the knowledge people provided about Shell versus Terminal…I set out to solve that problem which in turn provided me a solution to the larger issue.