Radio Shack FC-241 ユーザーズマニュアル
Configuring Additional File Transfer Functions
Configuring a Router to Use rsh and rcp
FC-248
Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.1
Configuring a Router to Use rsh and rcp
Remote shell (rsh) gives users the ability to execute commands remotely. Remote copy (rcp) allows users
to copy files to and from a file system residing on a remote host or server on the network. Cisco's
implementation of rsh and rcp interoperates with the industry standard implementations.
to copy files to and from a file system residing on a remote host or server on the network. Cisco's
implementation of rsh and rcp interoperates with the industry standard implementations.
Note
Cisco uses the abbreviation RCMD (Remote Command) to indicate both rsh and rcp
The following tasks are covered in this section:
•
•
•
•
Specifying the Source Interface for Outgoing RCMD Communications
You can specify the source interface for RCMD (rsh and rcp) communications. For example, the router
can be configured so that RCMD connections use the loopback interface as the source address of all
packets leaving the router. To specify the interface associated with RCMP communications, use the
following command in global configuration mode:
can be configured so that RCMD connections use the loopback interface as the source address of all
packets leaving the router. To specify the interface associated with RCMP communications, use the
following command in global configuration mode:
Specifying the source-interface is most commonly used to specify a loopback interface. This allows you
to associate a permanent IP address with RCMD communications.
to associate a permanent IP address with RCMD communications.
Having a permanent IP address is useful for session identification (remote device can consistently
idendify the origin of packets for the session). A "well-known" IP address can also be used for security
purposes, as you can then create access lists on remote devices which include the address.
idendify the origin of packets for the session). A "well-known" IP address can also be used for security
purposes, as you can then create access lists on remote devices which include the address.
Disabling DNS Reverse Lookup for RCMD
As a basic security check, the Cisco IOS software does a reverse lookup of the client IP address using
DNS. This check is performed using a host authentication process.
DNS. This check is performed using a host authentication process.
When enabled, the system records the address of the requesting client. That address is mapped to a host
name using DNS. Then a DNS request is made for the IP address for that host name. The IP address
received is then checked against the original requesting address. If the address does not match with any
of the addresses received from DNS, the RCMD request will not be serviced.
name using DNS. Then a DNS request is made for the IP address for that host name. The IP address
received is then checked against the original requesting address. If the address does not match with any
of the addresses received from DNS, the RCMD request will not be serviced.
This reverse lookup is intended to help protect against "spoofing." However, please note that the process
only confirms that the IP address is a valid routable address; it is still possible for a hacker to spoof the
valid IP address of a known host.
only confirms that the IP address is a valid routable address; it is still possible for a hacker to spoof the
valid IP address of a known host.
Command
Purpose
ip rcmd source-interface
interface-id
Specifies the interface address that will be used to label all
outgoing rsh and rcp traffic.
outgoing rsh and rcp traffic.