Revision 1.1 (root)

.\" Copyright (c) 1983 Regents of the University of California.
.\" All rights reserved. The Berkeley software License Agreement
.\" specifies the terms and conditions for redistribution.
.\"
.\" @(#)rexecd.8c 6.2 (Berkeley) 5/9/86
.\"
.TH REXECD 8C "May 9, 1986"
.UC 5
.SH NAME
rexecd \- remote execution server
.SH SYNOPSIS
.B /etc/rexecd
.SH DESCRIPTION
.I Rexecd
is the server for the
.IR rexec (3X)
routine. The server provides remote execution facilities
with authentication based on user names and
passwords.
.PP
.I Rexecd
listens for service requests at the port indicated in
the ``exec'' service specification; see
.IR services (5).
When a service request is received the following protocol
is initiated:
.IP 1)
The server reads characters from the socket up
to a null (`\e0') byte. The resultant string is
interpreted as an ASCII number, base 10.
.IP 2)
If the number received in step 1 is non-zero,
it is interpreted as the port number of a secondary
stream to be used for the
.BR stderr .
A second connection is then created to the specified
port on the client's machine.
.IP 3)
A null terminated user name of at most 16 characters
is retrieved on the initial socket.
.IP 4)
A null terminated, unencrypted password of at most
16 characters is retrieved on the initial socket.
.IP 5)
A null terminated command to be passed to a
shell is retrieved on the initial socket. The length of
the command is limited by the upper bound on the size of
the system's argument list.
.IP 6)
.I Rexecd
then validates the user as is done at login time
and, if the authentication was successful, changes
to the user's home directory, and establishes the user
and group protections of the user.
If any of these steps fail the connection is
aborted with a diagnostic message returned.
.IP 7)
A null byte is returned on the initial socket
and the command line is passed to the normal login
shell of the user. The
shell inherits the network connections established
by
.IR rexecd .
.SH DIAGNOSTICS
Except for the last one listed below,
all diagnostic messages are returned on the initial socket,
after which any network connections are closed.
An error is indicated by a leading byte with a value of
1 (0 is returned in step 7 above upon successful completion
of all the steps prior to the command execution).
.PP
.B ``username too long''
.br
The name is
longer than 16 characters.
.PP
.B ``password too long''
.br
The password is longer than 16 characters.
.PP
.B ``command too long ''
.br
The command line passed exceeds the size of the argument
list (as configured into the system).
.PP
.B ``Login incorrect.''
.br
No password file entry for the user name existed.
.PP
.B ``Password incorrect.''
.br
The wrong password was supplied.
.PP
.B ``No remote directory.''
.br
The
.I chdir
command to the home directory failed.
.PP
.B ``Try again.''
.br
A
.I fork
by the server failed.
.PP
.B ``<shellname>: ...''
.br
The user's login shell could not be started.
This message is returned
on the connection associated with the
.BR stderr ,
and is not preceded by a flag byte.
.SH SEE ALSO
rexec(3X)
.SH BUGS
Indicating ``Login incorrect'' as opposed to ``Password incorrect''
is a security breach which allows people to probe a system for users
with null passwords.
.PP
A facility to allow all data and password exchanges to be encrypted should be
present.
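
The request framing in steps 1) to 5) and the three length diagnostics, as an added C example (not the rexecd source or any code from this page): a bounds-checked parser over an already-captured byte buffer, which also makes visible that the password field sits in the stream unencrypted. The names `rexec_parse`, `struct rexec_req` and `take_field`, the `cmd_max` parameter standing in for the system's argument-list limit, the 65535 port ceiling and the "malformed request" string are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 16                    /* user name and password limit from the page */
#define MALFORMED "malformed request"   /* constructed; not one of the page's diagnostics */

struct rexec_req {
    long stderr_port;            /* step 2: 0 means no secondary stream */
    char user[FIELD_MAX + 1];
    char pass[FIELD_MAX + 1];    /* arrives unencrypted on the initial socket */
    const char *cmd;             /* points into the caller's buffer */
};

/* Copy one NUL-terminated field of at most FIELD_MAX bytes. Returns bytes
 * consumed including the NUL, 0 if the NUL is missing, -1 if too long. */
static long take_field(const unsigned char *p, size_t len, char *out)
{
    const unsigned char *nul = memchr(p, 0, len);
    if (nul == NULL) return 0;
    if (nul - p > FIELD_MAX) return -1;
    memcpy(out, p, (size_t)(nul - p) + 1);
    return (long)(nul - p) + 1;
}

/* Parse steps 1-5. Returns NULL on success, else the diagnostic text. */
const char *rexec_parse(const unsigned char *buf, size_t len,
                        size_t cmd_max, struct rexec_req *r)
{
    size_t i = 0;
    long n;
    r->stderr_port = 0;
    for (; i < len && buf[i] != 0; i++)      /* step 1: base-10 ASCII number */
        if (buf[i] < '0' || buf[i] > '9' ||
            (r->stderr_port = r->stderr_port * 10 + (buf[i] - '0')) > 65535)
            return MALFORMED;
    if (i++ == len) return MALFORMED;        /* no terminating NUL */

    if ((n = take_field(buf + i, len - i, r->user)) <= 0)    /* step 3 */
        return n ? "username too long" : MALFORMED;
    i += (size_t)n;
    if ((n = take_field(buf + i, len - i, r->pass)) <= 0)    /* step 4 */
        return n ? "password too long" : MALFORMED;
    i += (size_t)n;
    const unsigned char *nul = memchr(buf + i, 0, len - i);  /* step 5 */
    if (nul == NULL) return MALFORMED;
    if ((size_t)(nul - (buf + i)) > cmd_max) return "command too long";
    r->cmd = (const char *)(buf + i);
    return NULL;
}
```

Every length is checked before the copy, so a field of 17 or more bytes yields the matching diagnostic instead of overrunning the 17-byte destination.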