RPort
  • RPort Knowledge Base
  • 👀WHAT IS RPORT
    • Features and benefits of RPort
      • Full feature list
    • Screenshots
    • Release Notes
      • 1.1.2
      • 1.1.0
      • 1.0.5
      • 1.0.4
      • 1.0.3
      • 1.0.2
      • 1.0.1
  • 🚀GETTING STARTED
  • Install the RPort Server
    • Launch RPort in the cloud
    • Install on-premises
    • Install on Vultr
    • Install on Azure
    • Install on AWS EC2
    • Install on Digital Ocean
    • Install on Scaleway
    • Install on Google Compute
    • Install on Hetzner Cloud
    • Install RPort on any virgin cloud VM
    • Change the FQDN of the RPort server
    • Enable two factor authentication
      • Use push on mobile for 2FA
      • Use TOTP
  • Connecting Clients
  • Using the remote access
    • Creating tunnels
      • VNC via browser
      • VNC via VNC® Viewer from RealVNC®
      • RDP via Browser
    • Open SSH from the browser
    • Scp,sftp through a tunnel
  • Renaming and tagging of clients
  • Organize clients with groups
  • Activate the vault
  • Manage users and permissions
  • Video Courses
    • Installation Preparation
    • Install on Prem
    • Install on Cloud
    • Client installation
    • Remote Access
    • Network communication
  • 🗣️ NEED HELP?
    • Troubleshoot common problems
      • RPort Server not starting
      • Restart rport through a tunnel
      • Attributes file path not set
      • Recover lost passwords
      • Client is not connecting
      • Id is already in use
  • 🔦DIGGING DEEPER
    • Using the API
      • Create client credentials
    • RPort Technology Explained
      • RPort Security Model
    • Commands and Scripts
      • Executing commands
      • Executing scripts
      • Tacoscript
    • The scheduler
    • File copy and reception
    • Client Configuration Options
      • Supervision of OS updates
      • Script and command execution
    • Advanced client management
      • Install the RPort client manually
      • Uninstall the RPort client
    • Server Maintenance
      • Monitoring of RPortd
      • Updating RPort
      • Backing up the rport server
      • Renewing certificates
    • FAQ
      • How to use Cloudflare
    • High Availability
    • Install on macOS
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. DIGGING DEEPER
  2. Client Configuration Options

Script and command execution

Command execution

Enabling script and command execution is not global and it is not an either/or decision. You can control which commands are allowed and which are not on a fine-grained level. See the example below.

[remote-commands]
  ## Enable or disable execution of remote commands sent by server.
  ## Defaults: true
  #enabled = true

  ## Limit the maximum length of the command output that is sent back to server.
  ## Applies to the stdout and stderr separately.
  ## If exceeded {send_back_limit} bytes are sent.
  ## Defaults: 2048
  #send_back_limit = 2048

  ## Allow commands matching the following regular expressions.
  ## The filter is applied to the command sent. Full path must be used.
  ## See {order} parameter for more details how it's applied together with {deny}.
  ## Defaults: ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']
  #allow = ['^/usr/bin/.*','^/usr/local/bin/.*','^C:\\Windows\\System32\\.*']

  ## Deny commands matching one of the following regular expressions.
  ## The filter is applied to the command sent. Full path must be used.
  ## See {order} parameter for more details how it's applied together with {allow}.
  ## With the below default filter only single commands are allowed.
  ## Defaults: ['(\||<|>|;|,|\n|&)']
  #deny = ['(\||<|>|;|,|\n|&)']

  ## Order: ['allow','deny'] or ['deny','allow']. Order of which filter is applied first.
  ## Defaults: ['allow','deny']
  ##
  ## order: ['allow','deny']
  ## First, all allow directives are evaluated; at least one must match, or the command is rejected.
  ## Next, all deny directives are evaluated. If any matches, the command is rejected.
  ## Last, any commands which do not match an allow or a deny directive are denied by default.
  ## Example:
  ## allow: ['^/usr/bin/.*']
  ## deny: ['^/usr/bin/zip']
  ## All commands in /usr/bin except '/usr/bin/zip' can be executed. Full path must be used.
  ##
  ## order: ['deny','allow']
  ## First, all deny directives are evaluated; if any match,
  ## the command is denied UNLESS it also matches an allow directive.
  ## Any command which do not match any allow or deny directives are permitted.
  ## Example:
  ## deny: ['.*']
  ## allow: ['zip$']
  ## All commands are denied except those ending in zip.
  ##
  #order = ['allow','deny']
PreviousSupervision of OS updatesNextAdvanced client management

Last updated 1 year ago

Was this helpful?

🔦