Network Working Group F. da Cruz
Request for Comments: 2839 J. Altman
Category: Informational Columbia University
May 2000
Internet Kermit Service
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
ABSTRACT
This document describes a new file transfer service for the Internet
based on Telnet Protocol for option negotiation and Kermit Protocol
for file transfer and management. The Internet Kermit Service
provides access to both authenticated and anonymous users. The use
of Kermit protocol over a Telnet connection provides several
advantages over FTP, including easy traversal of firewalls, transfers
over multiple transports, and security via a combination of supported
Telnet authentication and encryption option negotiations, plus
significant functional benefits. While this document describes a new
service for the Internet, the clients for this service already exist
on most platforms in the form of Telnet clients that support the
Kermit file transfer protocol. These clients are available not only
from Columbia University's Kermit Project but also numerous third
parties.
TABLE OF CONTENTS
1. INTRODUCTION
2. BACKGROUND
2.1. History
2.2. Motivation
3. THE INTERNET KERMIT SERVICE MODEL
3.1. Server-Side Kermit Server
3.2. Client-Side Kermit Server
3.3. Loosely Coupled Operation
4. SECURITY CONSIDERATIONS
4.1. AUTHENTICATION
4.1.1. Telnet Authentication
4.1.2. Telnet over TLS option
da Cruz & Altman Informational [Page 1]
RFC 2839 Internet Kermit Service May 2000
4.1.3. Plaintext Authentication via Kermit REMOTE LOGIN
4.1.4. Plaintext Authentication via Command Prompt
4.1.5. Anonymous Login
4.2. ENCRYPTION (PRIVACY)
4.2.1 Telnet Encryption
4.2.2 Telnet Start_TLS
5. SERVICES
5.1. Features for System Administrators
5.2. Features for Users
5.3. User Interface
6. REFERENCES
7. AUTHORS' ADDRESSES
8. Full Copyright Statement
PREFACE
This document describes an Internet Kermit Service (IKS) which
provides an alternative to FTP for the transfer of files. This
service is based upon both the TELNET protocol and the Kermit file
transfer protocol.
1. INTRODUCTION
The Internet Kermit Service:
1. Provides direct access to Kermit file transfer and management
services without requiring the user to first login to a shell
account;
2. Provides Kermit file transfer and management services to anonymous
users;
3. Provides services to all Telnet clients that support Kermit file
transfer protocol via a simple, predictable, scriptable, and
well-documented textual interface;
4. Provides direct and tightly-coupled access to a Kermit server when
requested via the Telnet Kermit Option [TKO].
This memo assumes knowledge of Transmission Control Protocol, the
Telnet Protocol [TEL], the Kermit File Transfer Protocol [KER,PRF],
Telnet Kermit Option [TKO], and the commands and features of Kermit
software [CKB,CMG,K95].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [BCP].
Definitions:
Kermit server
A software program that is ready to accept and act upon commands
in the form of well-defined Kermit packets [KER].
Kermit client
A software program that receives requests through its user
interface from a human user (or a script or other source) and
translates them to command packets, which it sends to a Kermit
server, thus initiating a Kermit protocol transaction such as the
transfer of one or more files.
2. BACKGROUND
2.1. History
"Kermit" is the name of an extensible platform- and medium-
independent file transfer and management protocol [KER,PRF] and of a
suite of communications software programs that implement it and
integrate it with other communications functions [CMG,CKB,K95].
The Kermit protocol was first developed at Columbia University in New
York City in 1981 for transferring files without errors between
diverse types of computers over potentially hostile communication
links. Since 1981, the Kermit Project at Columbia University has
expanded the protocol, developed communications software that
implements it upon key platforms, and worked with volunteer
programmers at other sites adapting Kermit protocol to other
platforms or communication methods. The Kermit Project also serves
as the central point of Kermit software development, support,
information, and distribution throughout the world.
Kermit software is now available for nearly every computer and
operating system in existence. The major features of the most
popular Kermit programs are:
- Connection establishment and maintenance for a variety of
connection methods including direct serial, dialup, TCP/IP, X.25,
DECnet, and NETBIOS.
- Terminal emulation.
- Error-free transfer of both text and binary files, individually or
in groups.
- Character-set translation during both terminal emulation and
text-mode file transfer -- a unique feature of Kermit software.
- Remote file management through the client/server protocol.
- A powerful and portable scripting language allowing complete
automation of any task that can be performed manually.
Kermit's command and script language is consistent across all
platforms and communication methods, thus offering a unified method
for accomplishing a wide range of communication tasks manually or
under script control.
A single Kermit program combines the functions of many different
programs such as uucp, cu, tip, telnet, rlogin, ftp, iconv, and
expect: it is a Telnet and Rlogin client that can also transfer
files; it is a file transfer program that can also convert character
sets; it is a dialout program that can use dialing directories and
understands country codes and area codes; it is fully scriptable; it
offers both client/server and interactive modes of operation. In its
desktop versions (particularly for DOS, Windows, and OS/2) it offers
all the features of communications software that are usually lacking
from Internet client software (key mapping, colors, scrollback, mouse
functions, printer control, etc.).
Kermit software is widely used throughout the academic, government,
and corporate spheres, both in the USA and internationally.
In addition to the Kermit software developed and/or distributed by
the Kermit Project at Columbia University, hundreds of other software
products -- commercial, shareware, and freeware -- also include some
level of support for the Kermit protocol. Thus there are hundreds,
perhaps thousands, of independent and interoperable Kermit protocol
implementations based upon the open Kermit protocol specification
[KER].
The Internet has formed the primary mechanism by which users and
developers of Kermit software have collaborated to produce feature
and command sets that continually evolve to meet their needs as
technology changes.
2.2. Motivation
Kermit protocol and software make connections from one computer to
another and transfers data between them. Countless people "live" in
Kermit all day long; as a customizable Telnet or Rlogin (or serial
communication) client with a wide selection of terminal emulations
and convenience features, it is their window onto the Internet.
Others use it in more creative ways, including some that involve key
parts of the Internet, e.g. in batch or cron jobs that update news or
Web servers or fetch email, or to monitor routers, terminal servers,
and hubs and dial pagers when faults are detected. It is used by
vendors of telecommunications equipment for remote diagnosis,
patching, and updates. Telecom managers often use Kermit scripts to
configure PBXs, muxes, routers, or terminal servers. In the world of
commerce, Kermit is widely used for financial transactions, EDI,
medical claim submission, and so forth. It is used with mobile
barcode readers in warehousing and inventory applications. It is
found in US Postal Service sorting and scanning equipment. It
connects many of the logistics and supply systems throughout the
military. It is found in fast-food restaurant cash registers,
milling and die-cutting machines, textile looms and cutters, printing
presses, and medical diagnostic equipment. It was the communications
backbone of the 1994 Brazilian national election -- the largest in
history.
And yet there has never been a strong, explicit connection of Kermit
with the Internet. In the early years, Kermit acted as a kind of
do-it-yourself network, enabling ordinary users to make connections
that were not already there, and for some years was the predominant
method of connecting a personal computer to the ARPAnet (e.g. by
dialing a TAC).
Nowadays, however, with so many of the world's computers on the
Internet, the role of Kermit software and protocol is changing.
Kermit users on the network would like to have the features,
functions, and interface they are accustomed to -- especially the
automation features -- available for use in settings where presently
only tools like FTP are available -- and even more so in situations
where standard software like FTP can't be used.
An Internet Kermit Service can fill this role, and augment the data
transfer power and flexibility of other Internet applications such as
Web browsers:
- Like FTP, Kermit provides a service that can be accessed from many
different platforms with a consistent set of commands, but unlike
FTP, these commands include programming constructions such as
variables, arrays, looping and selection mechanisms, and local and
remote procedure calls.
- Like FTP, Kermit provides both text- and binary-mode data
transfer, as well as file management capabilities. But Kermit
also offers numerous features lacking from FTP, such as
character-set translation, flexible file selection mechanisms,
attribute preservation, and so on (see Section 5.3 for a longer
list).
- Unlike standard FTP, Kermit can transfer data through multiple
firewalls, proxies, and network address translators (NATs) on a
single port.
- Unlike FTP, Kermit can transfer data across a combination of
transports (e.g. dial-up to a terminal server and thence to an
Internet host).
- Authentication and data transfer can take place over secure
connections (mutually authenticated and encrypted) using
established Telnet authentication and encryption options.
- Unlike traditional Kermit use over Telnet, anonymous access is
possible, and the considerable overhead of the intervening Telnet
server and pseudoterminal service is eliminated.
Until now the primary obstacles to an Internet Kermit Service have
been:
- Issues of authentication, privacy, and anonymous access. These
have been addressed in our implementation, as described in Section 4
of this document.
- Issues of coordination and control. A Kermit software program can
be in any of several "modes": at its command prompt or menu,
awaiting commands from the user; in terminal mode, in which the
user's keystrokes are sent to the remote computer or service; or
in protocol mode, in which two Kermit programs communicate via
well-defined Kermit packets [KER]. Commands or operations valid
in one mode do not necessarily work in another. Until now, it has
been the user's responsibility to switch modes at one or both ends
of the connection as needed. A companion document [TKO] to this
one specifies a mechanism to closely couple the client and server
via Telnet protocol negotiations, allowing each to know the
other's state and to switch to the appropriate mode automatically
so a valid and useful relationship obtains at all times.
- Lack of a standard TCP port. The "registered" port 1649 was
assigned by IANA for this purpose (27 September 1995) and is named
"Kermit" (renamed from "Inspect").
3. THE INTERNET KERMIT SERVICE MODEL
The Internet Kermit Service (IKS) uses a standard Telnet [TEL]
connection, in which all Telnet rules apply. Unlike FTP, which
requires additional TCP connections, IKS uses a single channel for
both signaling and data transfer. The connection is multiplexed via
(a) Telnet options, and (b) Kermit protocol messages. This allows
existing Telnet clients that also support the Kermit protocol,
whether or not they support the Telnet Kermit Option [TKO], to use
the IKS and take advantage of all relevant Telnet options including
authentication and encryption.
The system Internet services daemon (e.g. inetd) waits for a
connection on the Kermit socket (1649) and then starts the IKS on the
new connection. The IKS performs the familiar Telnet negotiations
including the Telnet Kermit option. Unlike a standard Telnet server,
the IKS does not support the ability to present the user with an
interactive system shell. The Kermit socket is used only for file
transfer and management functions provided by Kermit file transfer
protocol and the Kermit script language.
Once the connection is established, the Telnet Kermit Option is
negotiated in both directions. The results determine which of the
following configurations is used by the Telnet client and Server:
. Server-side Kermit Server (SKS)
. Client-side Kermit Server (CKS)
. No Kermit Server (NKS)
Different procedures and functions apply to each configuration. The
configuration may be changed at any time by Telnet Kermit Option
subnegotiations, which assure that the Telnet client and server are
always in compatible states.
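The single-channel multiplexing and option negotiation described in this section can be checked on a captured session. The following is an added example, not part of RFC 2839 or of any Kermit Project code: it splits each direction of a Telnet stream into option negotiations, subnegotiations and the data channel, then reports which options were agreed. The option codes (taken from the IANA Telnet options registry, not from this memo), the function names and the sample bytes are assumptions of the example.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
# Assumption: option codes from the IANA Telnet options registry.
OPTIONS = {37: "AUTHENTICATION", 38: "ENCRYPT", 46: "START_TLS", 47: "KERMIT"}

def demux(stream: bytes):
    """Split one direction of a capture into (negotiations, subnegotiations, data)."""
    negs, subs, data = [], [], bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:              # ordinary byte: the data channel
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:
            break                         # capture ends inside a command
        cmd = stream[i + 1]
        if cmd in VERBS:                  # IAC <verb> <option>
            if i + 2 >= n:
                break
            opt = stream[i + 2]
            negs.append((VERBS[cmd], OPTIONS.get(opt, str(opt))))
            i += 3
        elif cmd == SB:                   # IAC SB <option> <body> IAC SE
            body, j = bytearray(), i + 2
            while j + 1 < n and stream[j:j + 2] != bytes([IAC, SE]):
                step = 2 if stream[j:j + 2] == bytes([IAC, IAC]) else 1
                body.append(stream[j])    # IAC IAC inside SB is one 0xFF byte
                j += step
            if j + 1 >= n:
                break                     # unterminated subnegotiation
            if body:
                subs.append((OPTIONS.get(body[0], str(body[0])), bytes(body[1:])))
            i = j + 2
        else:
            if cmd == IAC:                # IAC IAC is an escaped 0xFF data byte
                data.append(IAC)
            i += 2                        # other two-byte commands are skipped
    return negs, subs, bytes(data)

def enabled(a_negs, b_negs, opt):
    """True if one side's WILL opt met the peer's DO opt (later WONT/DONT not tracked)."""
    return any(("WILL", opt) in x and ("DO", opt) in y
               for x, y in ((a_negs, b_negs), (b_negs, a_negs)))

# Constructed sample bytes (not a real capture); the SB body is arbitrary.
SERVER = (bytes([IAC, DO, 37, IAC, WILL, 47, IAC, DO, 47, IAC, DO, 38])
          + b"data" + bytes([IAC, IAC]) + b"!" + bytes([IAC, SB, 47, 9, IAC, IAC, IAC, SE]))
CLIENT = bytes([IAC, WILL, 37, IAC, DO, 47, IAC, WILL, 47, IAC, WONT, 38])
```

In the constructed sample the client refuses ENCRYPT, so a monitor built on this check would flag the session as authenticated but not encrypted.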