Executing Remote Shell Commands on Cisco Routers initiated by Unix(R) Hosts

Alexander "ripp" Kinscher <ripp@csmn.de>

Fri May 05 19:48:27 CEST 2006

Additional References


* http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/
  products_feature_guide09186a0080087c7f.html
* http://www.cisco.com/en/US/products/ps6350/
  products_configuration_guide_chapter09186a008043fd57.html


A Unix Host with R-Tools (hostname lucy)


For instance:

# lucy$ which rsh
# /usr/bin/rsh

# lucy$ uname;uname -r
# FreeBSD
# 6.1-RELEASE

At least a Cisco Router ;-) (hostname gate).

I used a 2621 one with IOS 12.3 running. Activating remoteshell on your Cisco
box, so heres the required setting for your config:

First... check out who we are...

# lucy$ whoami
# ripp

Active remote command shell and add us

# gate(config)#no ip rcmd domain-lookup
# gate(config)#ip rcmd rsh-enable
# gate(config)#username ripp priv 15 pass 0 !SECRET!

Think about the privs, donot use 15 because its so easy :).
More detailed info: (87.239.141.122 is the IP of our UNIX host)

# gate(config)#ip rcmd remote-host ?
# WORD Local username
# gate(config)#ip rcmd remote-host ripp ?
# <1-99> Access list number
# Hostname or A.B.C.D Remote hostname or IP address
# gate(config)#ip rcmd remote-host ripp 87.239.141.122 ?
# WORD Remote username

and finally.... (ena is only required for commands in enable mode)

# gate(config)#ip rcmd remote-host ripp 87.239.141.122 ripp ena

Back on the Unixbox

# lucy$ rsh 87.239.141.97 sh users
#
# Line User Host(s) Idle Location
# * 2 vty 0 idle 00:00:00 87.239.141.122
#

Thats it!