CentOS7中上古工具RCP的安装😄

发表于 | 分类于
本文字数: 3.1k | 阅读时长 ≈ 3 分钟

  RCP在目前来说可以算上古工具了,用于复制远程文件或目录,明文传输,数据包中直接显示命令,用户名称和文件内容,十分不安全,现在应该基本无人使用,大家都使用更加安全的方式来传输文件。我需要一个rcp命令传输文件时的数据包,但是没有相应PCAP和环境,就搭建了一个。过程记录如下:

先说一下环境: 局域网,同一网段下两台机器
OS:CentOS Linux release 7.4.1708 (Core)、CentOS Linux release 7.5.1804 (Core)

一、安装 

1
yum -y install rsh rsh-server xinetd

二、修改两台机器下hosts文件
目的是为了将双方IP和hostname进行对应

1
2
3
4
[root@localhost ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.101.101 rcpone
1
2
3
4
[root@localhost ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.101.102 rcptwo

三、在两台机器的根目录下创建.rhosts文件,内容分别为: 

1
2
[root@localhost ~]# cat .rhosts 
rcpone root
1
2
[root@localhost ~]# cat .rhosts 
rcptwo root

四、分别在两台机器/etc/xinetd.d目录内创建rlogin和rsh文件,写入文件内容并确保存在disable = no
rlogin:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[root@localhost ~]# cat /etc/xinetd.d/rlogin
# default:on
# description: rlogind is the server for the rlogin(1) program. The server
# provides a remote login facility with authentication based on
# privileged port numbers from trusted hosts.
service login
{
    disable = no
    socket_type = stream
    wait = no
    user = root
    log_on_success += USERID
    log_on_failure += USERID
    server = /usr/sbin/in.rlogind
}

rsh:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@localhost ~]# cat /etc/xinetd.d/rsh
# default:on
# description: The rshd server is the server for the rcmd(3) routine and,
# consequently, for the rsh(1) program. The server provides
# remote execution facilities with authentication based on
# privileged port numbers from trusted hosts.
service shell
{
    disable = no
    socket_type = stream
    wait = no
    user = root
    log_on_success += USERID
    log_on_failure += USERID
    server = /usr/sbin/in.rshd
}

五、在两台机器的/etc/securetty文件中添加rexec、rsh、rlogin三行。

六、分别重启xinetd服务 

1
service xinetd restart

或者

1
2
3
/bin/systemctl restart xinetd.service
/bin/systemctl enable xinetd.service
/bin/systemctl start xinetd.service

七、查看两台机器的防火墙是否处于active状态 

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since 三 2018-11-07 16:15:41 CST; 1h 42min ago
     Docs: man:firewalld(1)
 Main PID: 1121 (firewalld)
    Tasks: 2
   CGroup: /system.slice/firewalld.service
           └─1121 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

11月 07 16:15:37 localhost.localdomain systemd[1]: Starting firewalld - dynamic fi....
11月 07 16:15:41 localhost.localdomain systemd[1]: Started firewalld - dynamic fir....
Hint: Some lines were ellipsized, use -l to show in full.

如果是,请务必将两台机器的防火墙关闭。

八、测试rlogin和rsh功能 

1
2
3
4
5
6
7
8
9
10
11
[root@localhost ~]# rlogin rcptwo
Last login: Wed Nov  7 18:04:09 from rcpone
[root@localhost ~]# exit
登出
rlogin: connection closed.

[root@localhost ~]# rsh rcptwo
Last login: Wed Nov  7 17:50:50 from rcpone
[root@localhost ~]# exit
登出
rlogin: connection closed.

九、使用rcp命令将rcpone中的文件复制到rcptwo中:

1
rcp rcp_test/hh.txt rcptwo:/root/rcp_test/
0%