Solaris Console File Transfer
One annoying administrative dilemma in a "secure" IT environment is the
How does one transfer files to/from Solaris servers that
accessible via console serial interface attached to a network terminal
This scenario is particularly prevalent with firewalls. To
complicate matters, these servers have minimal Solaris
installations. And, the usual network file transfer services are
prohibited at the firewall due to
It turns out that most of the utilities needed to transfer files via
network accessible console cable are already a part of Solaris.
The secure "target" system will require these utilities:
The administrator will need these utilities at his/her workstation:
The only utility missing from Solaris is the pseudo terminal
- uuencode and uudecode
- telnet; Or an alternate network client for console access
- A pseudo terminal (pty) redirector
Managing PPP book includes code for a very small and efficient
redirector utility, ptysh2-sysv.c.
Although the code is intended for PPP, we administrators know a good
hack (and a good book) when we discover them.
There are other pseudo terminal redirectors out there.
others are generally larger in size, and more unwieldy to use
(especially the arguments necessary for the command line).
Tip is a utility for conversing with a serial interface.
More importantly, tip supports text file transfers to a remote
prompt. The trick is to use tip over the network, rather
over a physical serial interface.
The ptysh2-sysv utility creates a "fake" serial interface
that's connected to /bin/sh. Now we can use tip to
connect with a shell;
use the shell to connect with telnet; then invoke the tip
transfer feature to deliver (or get) a file to the remote host's
- If the file to transfer is binary, encode it to text.
$ uuencode filebin filebin > filebin.uue
- Using tip, ptysh2-sysv, and telnet,
to the console port of the remote server and login.
$ ./ptysh2-sysv /home/admin/shterm &
$ tip -9600 /home/admin/shterm
$ $ telnet consoles.asun.net 2001
Connected to consoles.asun.net.
Escape character is '^]'.
fw1 console login: root
Sun Microsystems Inc. SunOS
5.8 Generic February 2000
- Get tip to send the file.
~< receive file from
~> send file to remote host
~t take file from remote UNIX
~p put file to remote UNIX
~| pipe remote file
~C connect program to remote
~c change directory
~. exit from tip
~^D exit from tip
~$ pipe local command to
~^Y suspend tip (local only)
~^Z suspend tip (local+remote)
~s set variable
~? get this summary
~# send break
179 lines transferred in 0 seconds
- Decode the file with uudecode, completing the file
transfer. It's highly advisable to check the integrity of the
transferred file, since tip does not do any error
# uudecode filebin.uue
# ls filebin*
# rm filebin.uue
# # Other tasks here
- Disconnect the telnet session (use the escape
character). Then disconnect tip by exiting the shell.
fw1 console login:
- Finally, shut down the ptysh2-sysv process.
$ ps -ef | grep pty
Neat trick, huh?
admin 2831 2803 0 00:48:45
pts/2 0:00 ./ptysh2-sysv /home/admin/shterm
admin 2891 2803 0 01:11:11
pts/2 0:00 grep pty
$ kill 2831
The real file transfer utilities
The utilities that are really designed to support file transfers over a
connection (using the network or otherwise) are:
In order to use these utilities, they have to be installed at both the
workstation and the target host. That's a potential catch 22
for secure remote hosts that have already been installed.