.\" Copyright (c) 1983, 1989 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms are permitted provided
.\" that: (1) source distributions retain this entire copyright notice and
.\" comment, and (2) distributions including binaries display the following
.\" acknowledgement: ``This product includes software developed by the
.\" University of California, Berkeley and its contributors'' in the
.\" documentation or other materials provided with the distribution and in
.\" all advertising materials mentioning features or use of this software.
.\" Neither the name of the University nor the names of its contributors may
.\" be used to endorse or promote products derived from this software without
.\" specific prior written permission.
.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
.\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
.\"
.\" @(#)rshd.8 6.10 (Berkeley) 6/24/90
.\"
.TH RSHD 8 "June 24, 1990"
.UC 5
.SH NAME
rshd \- remote shell server
.SH SYNOPSIS
.B rshd [-aln]
.SH DESCRIPTION
.I Rshd
is the server for the
.IR rcmd (3)
routine and, consequently, for the
.IR rsh (1)
program. The server provides remote execution facilities
with authentication based on privileged port numbers from trusted hosts.
.PP
.I Rshd
listens for service requests at the port indicated in
the ``cmd'' service specification; see
.IR services (5).
When a service request is received the following protocol
is initiated:
.IP 1)
The server checks the client's source port.
If the port is not in the range 512-1023, the server
aborts the connection.
.IP 2)
The server reads characters from the socket up
to a null (`\e0') byte. The resultant string is
interpreted as an ASCII number, base 10.
.IP 3)
If the number received in step 2 is non-zero,
it is interpreted as the port number of a secondary
stream to be used for the
.BR stderr .
A second connection is then created to the specified
port on the client's machine. The source port of this
second connection is also in the range 512-1023.
.IP 4)
The server checks the client's source address
and requests the corresponding host name (see
.IR gethostbyaddr (3),
.IR hosts (5)
and
.IR named (8)).
If the hostname cannot be determined,
the dot-notation representation of the host address is used.
If the hostname is in the same domain as the server (according to
the last two components of the domain name),
or if the
.B \-a
option is given,
the addresses for the hostname are requested,
verifying that the name and address correspond.
If address verification fails, the connection is aborted
with the message, ``Host address mismatch.''
.IP 5)
A null terminated user name of at most 16 characters
is retrieved on the initial socket. This user name
is interpreted as the user identity on the
.BR client 's
machine.
.IP 6)
A null terminated user name of at most 16 characters
is retrieved on the initial socket. This user name
is interpreted as a user identity to use on the
.BR server 's
machine.
.IP 7)
A null terminated command to be passed to a
shell is retrieved on the initial socket. The length of
the command is limited by the upper bound on the size of
the system's argument list.
.IP 8)
.I Rshd
then validates the user using
.IR ruserok (3),
which uses the file ``/etc/hosts.equiv'' and the ``.rhosts''
file found in the user's home directory. The
.B \-l
option prevents
.IR ruserok (3)
from doing any validation based on the user's ``.rhosts'' file,
unless the user is the superuser.
.IP 9)
A null byte is returned on the initial socket
and the command line is passed to the normal login
shell of the user. The
shell inherits the network connections established
by
.IR rshd .
.PP
Transport-level keepalive messages are enabled unless the
.B \-n
option is present.
The use of keepalive messages allows sessions to be timed out
if the client crashes or becomes unreachable.
.SH DIAGNOSTICS
Except for the last one listed below,
all diagnostic messages
are returned on the initial socket,
after which any network connections are closed.
An error is indicated by a leading byte with a value of
1 (0 is returned in step 9 above upon successful completion
of all the steps prior to the execution of the login shell).
.PP
.B ``locuser too long''
.br
The name of the user on the client's machine is
longer than 16 characters.
.PP
.B ``remuser too long''
.br
The name of the user on the remote machine is
longer than 16 characters.
.PP
.B ``command too long ''
.br
The command line passed exceeds the size of the argument
list (as configured into the system).
.PP
.B ``Login incorrect.''
.br
No password file entry for the user name existed.
.PP
.B ``No remote directory.''
.br
The
.I chdir
command to the home directory failed.
.PP
.B ``Permission denied.''
.br
The authentication procedure described above failed.
.PP
.B ``Can't make pipe.''
.br
The pipe needed for the
.BR stderr ,
wasn't created.
.PP
.B ``Can't fork; try again.''
.br
A
.I fork
by the server failed.
.PP
.B ``<shellname>: ...''
.br
The user's login shell could not be started. This message is returned
on the connection associated with the
.BR stderr ,
and is not preceded by a flag byte.
.SH SEE ALSO
rsh(1), rcmd(3), ruserok(3)
.SH BUGS
The authentication procedure used here assumes the integrity
of each client machine and the connecting medium. This is
insecure, but is useful in an ``open'' environment.
.PP
A facility to allow all data exchanges to be encrypted should be
present.
.PP
A more extensible protocol (such as Telnet) should be used.
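Added example (not part of the original rshd source or manual page): a Python parser for the initial request stream laid out in steps 1 to 7 of DESCRIPTION, suitable for checking a captured rsh handshake against the documented port range and 16-character limits. The names `parse_request`, `RshRequest`, `HandshakeError` and the sample bytes are constructed for illustration, and treating an empty port field as 0 is an assumption.

```python
from dataclasses import dataclass

RESERVED_PORTS = range(512, 1024)  # step 1: client source port must be 512-1023
MAX_USER = 16                      # steps 5 and 6: at most 16 characters


class HandshakeError(Exception):
    """Carries the man page's diagnostic text where the page defines one."""


@dataclass
class RshRequest:
    stderr_port: int  # 0 means no secondary stderr stream (step 3)
    locuser: str      # user identity on the client's machine (step 5)
    remuser: str      # user identity to use on the server's machine (step 6)
    command: str      # command line handed to the login shell (step 7)


def _field(buf: bytes, pos: int, name: str, limit=None):
    """Read one null-terminated field starting at pos; return (text, next_pos)."""
    end = buf.find(b"\0", pos)
    if end < 0:
        raise HandshakeError(f"{name}: missing null terminator")
    if limit is not None and end - pos > limit:
        raise HandshakeError(f"{name} too long")
    return buf[pos:end].decode("ascii", "replace"), end + 1


def parse_request(src_port: int, buf: bytes) -> RshRequest:
    """Apply steps 1, 2 and 5-7 to the bytes read from the initial socket."""
    if src_port not in RESERVED_PORTS:
        raise HandshakeError("source port outside 512-1023")
    port_text, pos = _field(buf, 0, "stderr port")
    if port_text and not port_text.isdigit():
        raise HandshakeError("stderr port is not a base-10 number")
    stderr_port = int(port_text or "0")  # assumption: empty field means 0
    locuser, pos = _field(buf, pos, "locuser", MAX_USER)
    remuser, pos = _field(buf, pos, "remuser", MAX_USER)
    command, pos = _field(buf, pos, "command")
    return RshRequest(stderr_port, locuser, remuser, command)


# Constructed sample request: stderr port, locuser, remuser, command.
SAMPLE = b"1022\0alice\0bob\0uname -a\0"

if __name__ == "__main__":
    print(parse_request(1023, SAMPLE))
```

Nothing in the parsed request is authenticated: both user names are supplied by the client, which is the trust assumption the BUGS section describes.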