How to set up a reverse Telnet on Mac OS X

7

1

I am trying to set up a reverse Telnet (Telnet to COM) on Mac OS X 10.9.5 (Mavericks). The Mac is connected to a serial device. I have no problem accessing the serial device from the Mac using screen:

    screen /dev/cu.USBserial

However, I would like to access the device remotely, via Telnet.

I tried using Netcat (nc) and have limited success. The command I used is:

    nc -l 9999 > /dev/cu.USBserial < /dev/cu.USBserial

And then I can Telnet to the device. However, it does not work for two reasons:

  1. For an interactive user interface, the input is essentially line buffered until I hit return.
  2. All my input is echoed back to me. In real life, the device should be the one echoing my input characters.

What is the right way of doing it?

some user

Posted 2015-09-29T20:58:21.243

Reputation: 2 022

How remotely do you mean by remotely? Do you mean within a LAN or outside from a WAN to the LAN to the reverse Telnet? – JakeGould – 2015-10-02T04:53:40.157

@JakeGould, it really does not matter. It can be as close as another terminal tab or as far as the other end of the world. The issue is not with networking but rather bridging serial and reverse telnet. – some user – 2015-10-02T16:28:30.460

Answers

1

I found a solution. The Python PySerial package has an rfc2217 class. They have a sample app that works as a telnet server:

https://pyserial.readthedocs.org/en/latest/examples.html

    $ python rfc2217_server.py /dev/tty.serial

opens up a port 2217 that allows telnet to connect. It is exactly what I wanted.

some user

Posted 2015-09-29T20:58:21.243

Reputation: 2 022
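A telnet client stays in line mode with local echo until the server offers ECHO and SUPPRESS-GO-AHEAD, which the plain nc redirect in the question never does. The sketch below is an added example, not code from this thread or from pySerial: a standard-library-only bridge that sends that negotiation, strips the client's telnet commands before they reach the device, and listens on loopback only because it has no login. The names `strip_telnet`, `bridge` and `PREAMBLE` are made up for illustration, the device path and port 9999 are taken from the question, and the serial line settings are assumed to be left at their defaults.

```python
import os, select, socket, tty
IAC, DONT, DO, WONT, WILL, SB, SE, ECHO, SGA = 255, 254, 253, 252, 251, 250, 240, 1, 3
# Offering ECHO and SUPPRESS-GO-AHEAD takes the client out of line mode and stops its local echo.
PREAMBLE = bytes([IAC, WILL, ECHO, IAC, WILL, SGA])

def strip_telnet(data, st):
    """Drop telnet commands from client bytes; st carries parser state across reads."""
    out = bytearray()
    for b in data:
        mode = st.get("mode", "data")
        if mode == "data":
            if b == IAC:
                st["mode"] = "iac"
            elif not (b == 0 and st.get("cr")):   # telnet sends Enter as CR NUL
                out.append(b)
            st["cr"] = b == 13
        elif mode == "iac":
            if b == IAC:
                out.append(b)                     # IAC IAC is a literal 0xFF
            st["mode"] = "opt" if b in (DO, DONT, WILL, WONT) else "sub" if b == SB else "data"
        elif mode == "opt":
            st["mode"] = "data"                   # third byte of DO/DONT/WILL/WONT
        elif mode == "sub":
            st["mode"] = "sub_iac" if b == IAC else "sub"
        else:                                     # IAC seen inside SB ... IAC SE
            st["mode"] = "data" if b == SE else "sub"
    return bytes(out)

def bridge(conn, fd):
    """Relay one telnet client to an open device fd until either side closes."""
    conn.sendall(PREAMBLE)
    st = {}
    while True:
        for src in select.select([conn, fd], [], [])[0]:
            data = conn.recv(1024) if src is conn else os.read(fd, 1024)
            if not data:
                return                            # client hung up or device gone
            if src is conn:
                os.write(fd, strip_telnet(data, st))
            else:
                conn.sendall(data.replace(b"\xff", b"\xff\xff"))  # escape literal 0xFF

if __name__ == "__main__":
    fd = os.open("/dev/cu.USBserial", os.O_RDWR | os.O_NOCTTY)  # path from the question
    tty.setraw(fd)                                # no tty line editing or echo on the Mac side
    srv = socket.create_server(("127.0.0.1", 9999))  # loopback only: the bridge has no login
    while True:
        with srv.accept()[0] as conn:
            bridge(conn, fd)
```

From another machine, forward the port over SSH (for example `ssh -L 9999:localhost:9999 user@mac`, with `user@mac` as a placeholder) and then `telnet localhost 9999`, so the serial console is never exposed unauthenticated on the network.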

4

The simplest method:

  1. telnet (or rather ssh) to your Mac
  2. type your screen /dev/cu.USBserial command

Now, if you want to connect to your Mac directly into the com port, or allow others to do that and nothing else, here is a way:

  1. Create a dedicated user on your Mac. Let's call it "comport" and log in as this user.
  2. Create a connection script for this user. Create a file named /Users/comport/log2com.sh and insert these lines into it:

    #!/bin/bash
    /usr/bin/screen -R /dev/cu.USBserial
    
  3. Allow the script to be executed by running this command in your terminal:

    chmod +x /Users/comport/log2com.sh
    
  4. Finally, set this script as the login shell of your user. For this, in System Preferences > Users and Groups, in the users list, right click on the user and select "Advanced Option". Then, in the "shell" field, type in /Users/comport/log2com.sh, and click OK.

That's it. You can now telnet (I'd rather recommend ssh!) to this login on your Mac to get directly into screen.

Note that to exit you need to do it the screen way (usually Ctrl+A, then :quit Return).

Tested this on OSX 10.10.5. Let me know if it worked for you.

CuriousFab

Posted 2015-09-29T20:58:21.243

Reputation: 189

Very interesting solution. However, the solution is a bit too hacky for me. For example, a new user is needed. And I need to enable telnet login to my Mac (remember, I need reverse Telnet). If I did not exit screen using :quit but detached from it instead, the next login will fail. And last but not least, it is possible to access shell from screen and it becomes a huge security risk (in addition to enabling telnet). I think the solution I am looking for lies in the (proper) way netcat/socat access the device. – some user – 2015-10-08T21:06:35.993

A few remarks: 1) As a matter of fact a new user is needed: to telnet or ssh to your box, you need to provide a login. If you want to log directly into the com port, you must use a login dedicated to that reverse telnet to com. I don't see how you expect to do that without a dedicated login. 2) To be able to log in again after a screen session was detached instead of quit, I added the -R option in the answer. 3) I'm not a screen expert but I could not open a shell. Ctrl+A then c fails to open a new screen as this login has no shell. – CuriousFab – 2015-10-09T16:11:21.440

reverse telnet is only a server bridging between a telnet port, say 4321, to a console, e.g. a modem. Login is optional. A user account is not needed. You can refer to my nc example. – some user – 2015-10-09T17:26:56.593

OK. I get your point. For the buffering issue of your nc based approach, you may find a solution in this post. Also, you may have a look at GNU netcat, available in Brew, and the use of expect. Good luck and let us know if you manage to get it working, your way. ;) – CuriousFab – 2015-10-15T10:47:45.373

Another hint, based on reading yet another post that lists numerous ways of hacking pipes, file redirection, and network indirection. socat seems very promising, but with power and versatility comes complexity... – CuriousFab – 2015-10-15T11:02:51.017