This article provides information about the default and customizable services that are running on Junos.
By default, rsh and rlogin services are enabled on Junos. Customers, based on their requirements, can enable Telnet, FTP, and so on.
On Junos, the inetd.conf file is present in the /etc directory. This file is used to control the services, which are running on the device. The following output was captured from the Junos shell:
% less /etc/inetd.conf # $Id: inetd.conf.sys,v 1.2.474.1 2009-04-16 05:22:03 kdickman Exp $ # # Ports to listen on for RE-RE # These are independent of any user configuration. # login stream tcp/rt=__juniper_private1__ nowait/75/150 root /usr/libexec/rlogind rlogind shell stream tcp/rt=__juniper_private1__ nowait/75/1500 root /usr/libexec/rshd rshd # ftp stream tcp nowait/75/150 root /usr/libexec/ftpd ftpd -l ftp stream tcp6 nowait/75/150 root /usr/libexec/ftpd ftpd -l ssh stream tcp nowait/75/150 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf ssh stream tcp6 nowait/75/150 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf telnet stream tcp nowait/75/150 root /usr/libexec/telnetd telnetd telnet stream tcp6 nowait/75/150 root /usr/libexec/telnetd telnetd
From the above output, you can see that currently inetd.conf is programmed to run all the services, which are configured on the RE. The following sample configuration is the above inetd states:
[edit] sco@mx240-2-re0# show groups jtac system services ftp; ssh { root-login allow; protocol-version v2; } telnet;
If telnet is removed from the configuration, the file would look like the following:
sco@mx240-2-re0> show configuration groups jtac system services ftp; ssh { root-login allow; protocol-version v2; } % less /etc/inetd.conf # $Id: inetd.conf.sys,v 1.2.474.1 2009-04-16 05:22:03 kdickman Exp $ # # Ports to listen on for RE-RE # These are independent of any user configuration. # login stream tcp/rt=__juniper_private1__ nowait/75/150 root /usr/libexec/rlogind rlogind shell stream tcp/rt=__juniper_private1__ nowait/75/1500 root /usr/libexec/rshd rshd # ftp stream tcp nowait/75/150 root /usr/libexec/ftpd ftpd -l ftp stream tcp6 nowait/75/150 root /usr/libexec/ftpd ftpd -l ssh stream tcp nowait/75/150 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf ssh stream tcp6 nowait/75/150 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf /etc/inetd.conf (END)
By default, Junos is programmed to run the rlogin and rsh services. The services are highlighted in bold in the above outputs. These two services are used to login from RE0 to RE1 and vice-versa, via a user request from CLI and for various cases, in which the commands need to be run on other RE to get some information.
Note:
- rlogin is a software utility for Unix-like computer operating systems, which allows users to logon to another host via a network, that communicate via TCP port 513.
- rsh is a command line computer program, which can execute shell commands as another user, on another computer across a computer network.
- The remote system, to which rsh connects, runs the rshd daemon. The rshd daemon typically uses the well-known Transmission Control Protocol (TCP) port number 514.
- rlogin is based on RFC 1282.