Skip to main content

Home Remote shell

Remote shell

(also remote command shell, remote terminal, rsh)

Remote shell definition

A remote shell (or terminal) is a tool that allows users to access and control a device or server from a remote location. It provides a command-line interface on a remote machine, allowing users to execute commands and directly interact with the remote system as if they were physically present. Remote shells can be used for remote administration, troubleshooting, configuration of devices, or working on a remote server. However, cybercriminals may use them to launch attacks on targeted computers.

See also: backdoor

How remote shells work

  • Establishing a connection. The user initiates a connection from their machine to the remote device using a remote shell protocol (e.g., SSH) or remote desktop software.
  • Command execution. After establishing the connection, the user sees a command-line interface (shell) on the remote device, representing the remote machine’s operating system. They can enter commands like they would on their local machine.
  • Data transmission. The commands are sent between the local and the remote machines over the established connection (e.g., sending data packets).
  • Output display. The remote computer receives the commands and their output, executes them, then sends back the results to the local computer.
  • Session termination. The user can continue executing commands through the remote system until they end the session. They can finish the session with specific commands or close the terminal (shell window).

The exact way a remote shell works depends on several factors, such as the specific protocol or software used.

Remote shell use cases

  • Configuration of remote devices
  • Monitoring
  • Working on a remote server
  • Detecting and fixing bugs
  • Cyberattacks

How cybercriminals may use remote shells

  • System vulnerabilities. Attackers may exploit vulnerabilities to gain unauthorized access to servers, then use remote shells to maintain control and execute malicious commands remotely.
  • Malware distribution. Attackers may use remote shells as a gateway for distributing malware onto compromised systems.
  • Data theft. Remote shells may be used to steal sensitive data, delete or modify files, or carry out further malicious activities.