Annotation of 43BSDReno/libexec/rlogind/rlogind.8, revision 1.1.1.1

1.1       root        1: .\" Copyright (c) 1983, 1989 The Regents of the University of California.
                      2: .\" All rights reserved.
                      3: .\"
                      4: .\" Redistribution and use in source and binary forms are permitted provided
                      5: .\" that: (1) source distributions retain this entire copyright notice and
                      6: .\" comment, and (2) distributions including binaries display the following
                      7: .\" acknowledgement:  ``This product includes software developed by the
                      8: .\" University of California, Berkeley and its contributors'' in the
                      9: .\" documentation or other materials provided with the distribution and in
                     10: .\" all advertising materials mentioning features or use of this software.
                     11: .\" Neither the name of the University nor the names of its contributors may
                     12: .\" be used to endorse or promote products derived from this software without
                     13: .\" specific prior written permission.
                     14: .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED
                     15: .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
                     16: .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
                     17: .\"
                     18: .\"    @(#)rlogind.8   6.11 (Berkeley) 6/24/90
                     19: .\"
                     20: .TH RLOGIND 8 "June 24, 1990"
                     21: .UC 5
                     22: .SH NAME
                     23: rlogind \- remote login server
                     24: .SH SYNOPSIS
                     25: .B rlogind
                     26: [
                     27: .B \-aln
                     28: ]
                     29: .SH DESCRIPTION
                     30: .I Rlogind
                     31: is the server for the 
                     32: .IR rlogin (1)
                     33: program.  The server provides a remote login facility
                     34: with authentication based on privileged port numbers from trusted hosts.
                     35: .PP
                     36: .I Rlogind
                     37: listens for service requests at the port indicated in
                     38: the ``login'' service specification; see
                     39: .IR services (5).
                     40: When a service request is received the following protocol
                     41: is initiated:
                     42: .IP 1)
                     43: The server checks the client's source port.
                     44: If the port is not in the range 512-1023, the server
                     45: aborts the connection.
                     46: .IP 2)
                     47: The server checks the client's source address
                     48: and requests the corresponding host name (see
                     49: .IR gethostbyaddr (3),
                     50: .IR hosts (5)
                     51: and
                     52: .IR named (8)).
                     53: If the hostname cannot be determined,
                     54: the dot-notation representation of the host address is used.
                     55: If the hostname is in the same domain as the server (according to
                     56: the last two components of the domain name),
                     57: or if the
                     58: .B \-a
                     59: option is given,
                     60: the addresses for the hostname are requested,
                     61: verifying that the name and address correspond.
                     62: Normal authentication is bypassed if the address verification fails.
                     63: .PP
                     64: Once the source port and address have been checked, 
                     65: .I rlogind
                     66: proceeds with the authentication process described in
                     67: .IR rshd (8).
                     68: It then allocates a pseudo terminal (see 
                     69: .IR pty (4)),
                     70: and manipulates file descriptors so that the slave
                     71: half of the pseudo terminal becomes the 
                     72: .BR stdin ,
                     73: .BR stdout ,
                     74: and
                     75: .B stderr 
                     76: for a login process.
                     77: The login process is an instance of the
                     78: .IR login (1)
                     79: program, invoked with the
                     80: .B \-f
                     81: option if authentication has succeeded.
                     82: If automatic authentication fails, the user is
                     83: prompted to log in as if on a standard terminal line.  The
                     84: .B \-l
                     85: option prevents any authentication based on the user's
                     86: ``.rhosts'' file, unless the user is logging in as the superuser.
                     87: .PP
                     88: The parent of the login process manipulates the master side of
                     89: the pseudo terminal, operating as an intermediary
                     90: between the login process and the client instance of the
                     91: .I rlogin
                     92: program.  In normal operation, the packet protocol described
                     93: in
                     94: .IR pty (4)
                     95: is invoked to provide ^S/^Q type facilities and propagate
                     96: interrupt signals to the remote programs.  The login process
                     97: propagates the client terminal's baud rate and terminal type,
                     98: as found in the environment variable, ``TERM''; see
                     99: .IR environ (7).
                    100: The screen or window size of the terminal is requested from the client,
                    101: and window size changes from the client are propagated to the pseudo terminal.
                    102: .PP
                    103: Transport-level keepalive messages are enabled unless the
                    104: .B \-n
                    105: option is present.
                    106: The use of keepalive messages allows sessions to be timed out
                    107: if the client crashes or becomes unreachable.
                    108: .SH DIAGNOSTICS
                    109: All initial diagnostic messages are indicated
                    110: by a leading byte with a value of 1,
                    111: after which any network connections are closed.
                    112: If there are no errors before
                    113: .I login
                    114: is invoked, a null byte is returned as an indication of success.
                    115: .PP
                    116: .B ``Try again.''
                    117: .br
                    118: A
                    119: .I fork
                    120: by the server failed.
                    121: .SH "SEE ALSO"
                    122: login(1), ruserok(3), rshd(8)
                    123: .SH BUGS
                    124: The authentication procedure used here assumes the integrity
                    125: of each client machine and the connecting medium.  This is
                    126: insecure, but is useful in an ``open'' environment.
                    127: .PP
                    128: A facility to allow all data exchanges to be encrypted should be
                    129: present.
                    130: .PP
                    131: A more extensible protocol should be used.
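
The source-port and address checks from steps 1) and 2) of DESCRIPTION, as an added C example that is not taken from the rlogind source. The function names, the verdict enum and the sample hosts and addresses are assumptions made for illustration; the forward lookup result is passed in as an array instead of being resolved, and "normal authentication is bypassed" is read here as falling back to the login prompt.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <strings.h>

enum verdict { DROP, PROMPT_ONLY, TRY_HOST_AUTH };   /* hypothetical names */

/* Step 1: client source port (network byte order) must be 512-1023. */
static int port_ok(uint16_t net_port) {
    uint16_t p = ntohs(net_port);
    return p >= 512 && p <= 1023;
}

/* Last two dot-separated components ("a.b.example.com" -> "example.com"). */
static const char *last_two(const char *h) {
    const char *last = NULL, *prev = NULL;
    for (const char *p = h; *p; p++)
        if (*p == '.') { prev = last; last = p; }
    return prev ? prev + 1 : h;
}

/* Step 2: is the peer address among those its claimed name resolves to? */
static int addr_confirmed(struct in_addr peer, const struct in_addr *fwd, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (fwd[i].s_addr == peer.s_addr) return 1;
    return 0;
}

/* fwd[] stands in for the forward lookup of peer_name (assumption: no live DNS). */
static enum verdict check_peer(uint16_t net_port, struct in_addr peer,
                               const char *peer_name, const char *local_name,
                               int a_flag, const struct in_addr *fwd, size_t n) {
    if (!port_ok(net_port)) return DROP;
    /* Verification runs only for same-domain names, or for all names with -a. */
    int verify = a_flag || strcasecmp(last_two(peer_name), last_two(local_name)) == 0;
    if (verify && !addr_confirmed(peer, fwd, n)) return PROMPT_ONLY;
    return TRY_HOST_AUTH;
}

int main(void) {
    struct in_addr peer, fwd[1];                /* constructed sample data */
    inet_pton(AF_INET, "192.0.2.10", &peer);
    inet_pton(AF_INET, "192.0.2.99", &fwd[0]);  /* name resolves elsewhere */
    printf("%d\n", check_peer(htons(1022), peer, "pc.example.com", "srv.example.com", 0, fwd, 1));
    printf("%d\n", check_peer(htons(1022), peer, "pc.example.org", "srv.example.com", 0, fwd, 1));
    return 0;
}
```

The second call shows why the -a option matters: a name outside the server's domain is not cross-checked against its addresses unless -a is given.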
