Re: Trying to get rcp going...

CriscoSystems · ‎02-02-2009

On another thread I complained about a 2501 with IOS 12.3(24) that won't permit me to make the IOS image available for tftp transfers. While that issue awaits resolution (or surrender), I am trying to transfer via rcp; which is brand new to me. First I familiarized myself with rsh and finally got it working, with Router-E (8MB Flash, IOS 12.0) as the server and Router-A (16MB Flash, IOS 12.2) the client[IOS 12.2 image already backed up in multiple locations]. Then I tried copying with the copy rcp flash command on Router A, and it was a dud.

Here's the config of Router-E:

=====================================

Current configuration:

!

version 12.0

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Sethtek-E

!

enable secret xxx

!

username xochi password 0 xxxxxx

ip subnet-zero

ip rcmd rcp-enable

ip rcmd rsh-enable

ip rcmd remote-host stuey 10.50.50.1 snuffy

no ip domain-lookup

!

interface Loopback0

ip address 222.1.5.1 255.255.255.0

no ip directed-broadcast

!

interface Ethernet0

ip address 10.50.50.5 255.255.255.0

no ip directed-broadcast

!

interface Serial0

ip address 215.0.0.5 255.255.255.252

no ip directed-broadcast

encapsulation ppp

clockrate 56000

!

interface Serial1

ip address 215.0.0.5 255.255.255.252

no ip directed-broadcast

encapsulation ppp

!

interface TokenRing0

ip address 10.4.4.5 255.255.255.0

no ip directed-broadcast

ring-speed 16

!

router ospf 10

network 10.4.4.0 0.0.0.255 area 0

network 222.1.5.0 0.0.0.255 area 0

!

ip classless

!

banner exec ^C

Welcome to Seth's 2513

^C

banner motd ^C

This here is Seth's 2513 router in Seth's CCNP Lab

^C

!

line con 0

transport input none

line aux 0

line vty 0 4

password grover

login

!

end

=====================================

The image filename on E is "c2500-i-l.120-8.bin"

so I try copy rcp flash and I get this:

=====================================

Router-A#copy rcp flash

**** NOTICE ****

Flash load helper v1.0

This process will accept the copy options and then terminate

the current system image to use the ROM based image for the copy.

Routing functionality will not be available during that time.

If you are logged in via telnet, this connection will terminate.

Users with console access can see the results of the copy operation.

---- ******** ----

[There are active users logged into the system]

Proceed? [confirm]y

Address or name of remote host []? 10.50.50.5

Source username [snuffy]?

Source filename []? c2500-i-l.120-8.bin

Destination filename [c2500-i-l.120-8.bin]?

The returned username is snuffy(3FFC4C)

Accessing rcp://snuffy@10.50.50.5/c2500-i-l.120-8.bin...

%Error opening rcp://snuffy@10.50.50.5/c2500-i-l.120-8.bin (Permission denied)

Router-A#

=====================================

CriscoSystems · ‎02-02-2009

So when I tried it with "stuey" as the source username, I get this:

=====================================

Proceed? [confirm]y

Address or name of remote host [10.50.50.5]?

Source username [stuey]?

Source filename [flash:c2500-i-l.120-8.bin]?

Destination filename [flash:c2500-i-l.120-8.bin]?

The returned username is snuffy(3FFC4C)

%Flash Load Helper does not support embedded usernames. The configured (or

default) username 'snuffy' will be used instead.

Accessing rcp://stuey@10.50.50.5/flash:c2500-i-l.120-8.bin...

%Error opening rcp://stuey@10.50.50.5/flash:c2500-i-l.120-8.bin (No such file o)

Router-A#

=====================================

Which, is strange that it would say no such file because there quite bloody is such a file; it's the only friggin' file there IS in the flash memory on the remote device...

So, am I doing something wrong here, configuration or execution-wise?

Joe Clarke · ‎02-02-2009

You're lacking a username configuration for stuey. Try adding:

username stuey password 0 stuey

Also, add:

ip rcmd remote-host stuey 10.50.50.1 snuffy enable

Then, from the host 10.50.50.1, username snuffy is allowed to use rcp.

CriscoSystems · ‎02-04-2009

Ain't it crazymaking? All this remote-usernames and local usernames and local logins versus sent usernames....I am ready to pull my hair out over here.

See when I have the

ip rcmd remote-host stuey 10.50.50.1 snuffy

command configured, then from a remote device I can do

rsh 10.50.50.1 /user stuey show flash

successfully, as long as I'm logged in as snuffy on the remote device. I BELIEVED that if I configured

ip rcmd remote-username snuffy

that I would then be permitted to do rsh on 10.50.50.1 without having to log in as snuffy. I have been proven wrong about that. So what is the purpose of the ip rcmd remote-username command? Where does that value get inserted?

Joe Clarke · ‎02-04-2009

This command is used for client connections (i.e. when specifying copy rcp://... from the command line).

CriscoSystems · ‎02-05-2009

I must say I am still confused. Even throwing away my confusion about the remote-username command. When I have the

ip rcmd remote-host stuey 10.50.50.1 snuffy

command configured, then when I'm logged in as snuffy on 10.50.50.1 I am allowed to execute rsh commands, as long as I use stuey as the /user value. This is WITHOUT configuring a username for stuey on the 10.50.50.1 host.

But rcp requires that one be configured, while rsh does not?

Or am I __stilllll__ confused about the local-user vs. remote-user busines....

Joe Clarke · ‎02-05-2009

I remembered incorrectly. A local username on the device is not required. However, the "enable" keyword is required for rcp since you need to be enabled to access flash. So you will need to change the command to:

ip rcmd remote-host stuey 10.50.50.1 snuffy enable