As much as each software vendor would like it to be so, most IT environments are not homogenous. Most shops do not run Linux or Windows or Solaris exclusively. So what happens when a user on one type of system needs to interact with another type of system? To be more specific what should a Windows user do if she needs to access a UNIX system? In this article, I’ll talk about six utilities that allow a Windows user to interact with a UNIX host.
Introducing OpManager, an enterprise-ready network & datacenter infrastructure monitoring software. Trusted by over a million IT admins worldwide, OpManager monitors Routers, Switches, Firewalls, Physical/Virtual Servers, LAN/WAN traffic, Configuration changes, Apps such as Oracle, SAP, Websphere, etc & other IT devices from a single console. It is easy-to-deploy & use. Try it for FreeDownload FREE 30-Day Trial of ManageEngine OpManager
UNIX vs Windows
The creators of UNIX worked from a set of principles that would later become known as the UNIX Philosophy. This philosophy was to lead to a system that
- Was easy for UNIX developers to extend
- Was easy for end users to learn
- Was interoperable with other systems
The result was the development of many small, simple utilities that could be combined to accomplish more complex tasks. So that’s where Windows PowerShell got the idea!
Windows was initially designed to be easy for end users to learn and manage, but not necessarily easy to extend. It is also pretty obvious that early Windows version were not designed to play nicely with other systems.
These are conflicting goals. Thankfully, there are now more options available for connectivity between Windows and UNIX systems. I use some of these utilities fairly often. And the cool thing about these utilities is that most of them ship with all current versions of Windows (actually most of them were also available in the NT4 days).
Telnet (TCP port 23)
Telnet is a set of technologies (protocols and software) that allows connectivity to remote hosts for the purpose of running character based (text) applications and scripts. It is client'server based and as such requires a server to accept new Telnet connections and process Telnet commands. A client is needed to issue requires to the server on behalf of the user
Using a Telnet client is straight forward. Typically the client is invoked by typing Telnet followed by a host name:
This will cause the Telnet client to contact the Telnet server on the host (fbsd1.dynalias.net in this case). A login prompt will appear once a connection is established. After logging on, user will then be presented with whatever system messages the UNIX admin has configured and a command prompt.
Here is a sample Telnet session to one of my test machines running FreeBSD:
FreeBSD/i386 (fbsd1.hsd1.il.comcast.net.) (ttyp0) login: johnkel Password:XXXX Last login: Tue May 8 01:03:27 from 192.168.1.100 Copyright (c) 1992-2006 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.1-RELEASE (GENERIC) #0: Sun May 7 04:32:43 UTC 2006 Welcome to FreeBSD! Before seeking technical support, please use the following resources: o Security advisories and updated errata information for all releases are at http://www.FreeBSD.org/releases/ - always consult the ERRATA section for your release first as it's updated frequently. o The Handbook and FAQ documents are at http://www.FreeBSD.org/ and, along with the mailing lists, can be searched by going to http://www.FreeBSD.org/search/. If the doc distribution has been installed, they're also available formatted in /usr/share/doc. If you still have a question or problem, please take the output of `uname -a', along with any relevant error messages, and email it as a question to the questions@FreeBSD.org mailing list. If you are unfamiliar with FreeBSD's directory layout, please refer to the hier(7) manual page. If you are not familiar with manual pages, type `man man'. You may also use sysinstall(8) to re-enter the installation and configuration utility. Edit /etc/motd to change this login announcement. $
Basic Telnet is not secure. Passwords are sent in clear text and can be sniffed with tools such as Wireshark. Some Telnet implementation support secure connections using SSL or TLS. The default Microsoft Telnet client does not. Also, note that both the Telnet client and Telnet server must support secure connections.
FTP (TCP port 21 and sometimes 20)
File Transfer Protocol (FTP) is similar in its design and general purpose to Telnet. However, while Telnet sessions do not support data transfers (other than the transfer of console data –screen'keyboard), FTP does.
Using FTP is also very straight forward. The command FTP is issued followed by a hostname:
This will bring cause the FTP client to contact the FTP server on the host. A login prompt will appear once a connection is established. A user will then be presented with whatever system messages the UNIX admin has configured and an FTP command prompt. This command prompt accepts only commands that can be understood by the FTP server. Type the help command at the FTP prompt to see what commands are accepted by the Telnet client you are using.
C:'>FTP 192.168.1.123 Connected to 192.168.1.123. 220 fbsd1.hsd1.il.comcast.net. FTP server (Version 6.00LS) ready. User (192.168.1.123:(none)): johnkel 331 Password required for johnkel. Password: 230 User johnkel logged in. FTP> help Commands may be abbreviated. Commands are: ! delete literal prompt send ? debug ls put status append dir mdelete pwd trace ascii disconnect mdir quit type bell get mget quote user binary glob mkdir recv verbose bye hash mls remotehelp cd help mput rename close lcd open rmdir FTP> ! Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:'>exit FTP>
The most typical FTP commands in use are the following:
- get'mget – to get a single or multiple files respectively
- put'mput – to send a single or multiple files respectively
- dir – to list files on the remote machine
- cd – to change the current directory on the remote machine
- binary – to change the transfer mode to binary. This is usually the default. But check anyway. You will want this enabled when transferring files between UNIX and Windows hosts.
Basic FTP suffers from the same security problems as basic Telnet. Passwords are sent in clear text and can be sniffed with tools such as Wireshark or TCPdump. Again, similar to Telnet some implementations support secure connections using SSL or TLS. The default Microsoft FTP client does not. Finally, both the FTP client and FTP server must support secure connections.
Internet Explorer (IE) includes a GUI FTP client. In the IE address bar use the following syntax to connect to an FTP server: FTP://hostname. Below is a screenshot of IE connecting to the funet FTP software archive at FTP.funet.fi
Also, an FTP server will try to open a connection back to the host running the FTP client when in active mode. This will generally not work if the client and server are separated by a firewall. In this case you will have to use passive mode FTP. In passive mode the FTP client will open two connections to the server to be used for data and control information.
RSH & RCP
Both of these utilities are client'server based (are you starting to see a pattern here?) and require the remote shell daemon (comparable to a Windows service) rshd which implements the server.
Remote Shell (RSH)
Remote Shell is used to issue a command on a remote host and present the results of that command on the local client.
Here is an example RSH command:
rsh –l johnkel 192.168.1.123 ls
This command establishes a connection to the server at address 192.168.1.123 using the remote system account johnkel to issue the ls (directory listing) command.
Remote Copy (RCP)
Remote Copy does just that. It allows you to copy files between two separate hosts.
Here is an example RCP command:
rcp -b -r -h 'FamilyPics 192.168.1.123.johnkel:
This command will perform a recursive (-r) binary mode file copy (-b) of all files and subdirectories in the 'FamilyPics folder to the home directory associated with the johnkel account on the host at 192.168.1.123. It will also copy hidden files (-h).
Remote Exec (REXEC)
Remote Exec is another utility used to execute commands on a remote host. It is functionally similar to Remote Shell but does not use the rshd daemon software. I will not show an example of this command in action since it is very similar to rsh.
PuTTY is a free Telnet and SSH client for UNIX and Windows. It was created and is maintained by Simon Tatham. You may download PuTTY from the following website: http://www.chiark.greenend.org.uk/~sgtatham/putty/
I use this utility most often for UNIX connectivity. It allows secure communications between hosts since it implements the Secure SHell (SSH) protocol. It has a clean interface, a host of features and it just works. And as I previously stated it is free.
Installation is done simply be unzipping the distribution file to a folder (preferably one in your path). Then you may type ‘putty’ at a command prompt. You could also create a shortcut since this is GUI application.
Putty also comes with secure copy (SCP) and secure FTP (sFTP) clients as well as a few other utilities.
Here is an example scFTP session:
C:'Temp>psFTP psFTP: no hostname specified; use "open host.name" to connect psFTP> open 192.168.1.123 login as: johnkel Using keyboard-interactive authentication. Password: Remote working directory is /usr/home/JOHNKEL psFTP> ls Listing directory /usr/home/JOHNKEL drwxr-xr-x 3 johnkel johnkel 512 Apr 24 21:56 . drwxr-xr-x 3 root wheel 512 Apr 13 17:31 .. -rw-r--r-- 1 johnkel johnkel 767 Apr 13 17:31 .cshrc -rw-r--r-- 1 johnkel johnkel 248 Apr 13 17:31 .login -rw-r--r-- 1 johnkel johnkel 158 Apr 13 17:31 .login_conf -rw------- 1 johnkel johnkel 373 Apr 13 17:31 .mail_aliases -rw-r--r-- 1 johnkel johnkel 331 Apr 13 17:31 .mailrc -rw-r--r-- 1 johnkel johnkel 797 Apr 13 17:31 .profile -rw------- 1 johnkel johnkel 276 Apr 13 17:31 .rhosts -rw-r--r-- 1 johnkel johnkel 975 Apr 13 17:31 .shrc drwxr-xr-x 2 johnkel johnkel 512 Apr 25 00:15 exa1 psFTP> ls
Securing Telnet, FTP and RSH with SSH
SSH implementations have the ability to open a secure channel to a service and act as a tunnel for an application that does not support security. This is handy if, for example, you must use an insecure Telnet client and you don’t want anyone with a network sniffer to see what you are doing.
Here is an example of port forwarding a Telnet session:
- Launch PuTTY and connect to the destination host using the SSH protocol. Note that I will be securing a Telnet session on a server that does not support secure Telnet. This is obviously unnecessary since the host supports Secure Shell!
- Then select the SSH->Tunnel page. Enter an unused port in the Source Port text box. Then enter the destination server name or address followed by a colon and the port PuTTY will forward to.
- Click the ‘Open’ button. A terminal window will and prompt you to logon to the remote host using SSH. Additionally, your machine will begin accepting connections on the specified source port. Enter your name and password to login to the remote host
- Now you may connect to this server using any non secure Telnet client. Just remember that you must connect using the port specified in the tunnel configuration in step 2
This technique can work with just about any application that opens network connections over a single port. However, protocols like FTP, which require multiple connections over different ports cannot be port forwarded with putty. A version 3 SSH client is required for this functionality. As of this article, PuTTY only supports versions 1 and 2 of the SSH protocol.
So long, farewell…
This has been a quick tour of Windows to UNIX connectivity. Many other connectivity tools are available such as for mapping a UNIX filesystem into Windows, or to access graphical applications running on a UNIX host from Windows. There is also the topic of how to access a Windows machine from UNIX. Perhaps I’ll write about those in a future article.
Recent Networking Forum threads
Got a question? Post it on our Windows Networking Forums!