Commit | Line | Data |
---|---|---|
9ada66f8 KM |
1 | .\" Copyright (c) 1983 Regents of the University of California. |
2 | .\" All rights reserved. The Berkeley software License Agreement | |
3 | .\" specifies the terms and conditions for redistribution. | |
4 | .\" | |
14dbbfdc | 5 | .\" @(#)rlogind.8 6.3 (Berkeley) %G% |
9ada66f8 | 6 | .\" |
8859f23f | 7 | .TH RLOGIND 8C "" |
9ada66f8 KM |
8 | .UC 5 |
9 | .SH NAME | |
10 | rlogind \- remote login server | |
11 | .SH SYNOPSIS | |
12 | .B /etc/rlogind | |
13 | [ | |
14 | .B \-d | |
15 | ] | |
16 | .SH DESCRIPTION | |
17 | .I Rlogind | |
18 | is the server for the | |
19 | .IR rlogin (1C) | |
20 | program. The server provides a remote login facility | |
be1d37d3 | 21 | with authentication based on privileged port numbers from trusted hosts. |
9ada66f8 KM |
22 | .PP |
23 | .I Rlogind | |
24 | listens for service requests at the port indicated in | |
25 | the ``login'' service specification; see | |
26 | .IR services (5). | |
27 | When a service request is received the following protocol | |
28 | is initiated: | |
29 | .IP 1) | |
30 | The server checks the client's source port. | |
31 | If the port is not in the range 0-1023, the server | |
32 | aborts the connection. | |
33 | .IP 2) | |
14dbbfdc MK |
34 | The server checks the client's source address |
35 | and requests the corresponding host name (see | |
be1d37d3 MK |
36 | .IR gethostbyaddr (3N), |
37 | .IR hosts (5) | |
38 | and | |
14dbbfdc MK |
39 | .IR named (8)). |
40 | If the hostname cannot be determined, | |
be1d37d3 | 41 | the dot-notation representation of the host address is used. |
9ada66f8 KM |
42 | .PP |
43 | Once the source port and address have been checked, | |
44 | .I rlogind | |
45 | allocates a pseudo terminal (see | |
46 | .IR pty (4)), | |
47 | and manipulates file descriptors so that the slave | |
48 | half of the pseudo terminal becomes the | |
49 | .B stdin , | |
50 | .B stdout , | |
51 | and | |
52 | .B stderr | |
53 | for a login process. | |
54 | The login process is an instance of the | |
55 | .IR login (1) | |
56 | program, invoked with the | |
57 | .B \-r | |
58 | option. The login process then proceeds with the authentication | |
59 | process as described in | |
60 | .IR rshd (8C), | |
61 | but if automatic authentication fails, it reprompts the user | |
62 | to login as one finds on a standard terminal line. | |
63 | .PP | |
64 | The parent of the login process manipulates the master side of | |
65 | the pseduo terminal, operating as an intermediary | |
66 | between the login process and the client instance of the | |
67 | .I rlogin | |
68 | program. In normal operation, the packet protocol described | |
69 | in | |
70 | .IR pty (4) | |
71 | is invoked to provide ^S/^Q type facilities and propagate | |
72 | interrupt signals to the remote programs. The login process | |
73 | propagates the client terminal's baud rate and terminal type, | |
74 | as found in the environment variable, ``TERM''; see | |
75 | .IR environ (7). | |
be1d37d3 MK |
76 | The screen or window size of the terminal is requested from the client, |
77 | and window size changes from the client are propagated to the pseudo terminal. | |
9ada66f8 KM |
78 | .SH DIAGNOSTICS |
79 | All diagnostic messages are returned on the connection | |
80 | associated with the | |
81 | .BR stderr , | |
82 | after which any network connections are closed. | |
83 | An error is indicated by a leading byte with a value of 1. | |
84 | .PP | |
9ada66f8 KM |
85 | .B ``Try again.'' |
86 | .br | |
87 | A | |
88 | .I fork | |
89 | by the server failed. | |
90 | .PP | |
91 | .B ``/bin/sh: ...'' | |
92 | .br | |
93 | The user's login shell could not be started. | |
94 | .SH BUGS | |
95 | The authentication procedure used here assumes the integrity | |
96 | of each client machine and the connecting medium. This is | |
97 | insecure, but is useful in an ``open'' environment. | |
98 | .PP | |
99 | A facility to allow all data exchanges to be encrypted should be | |
100 | present. | |
14dbbfdc MK |
101 | .PP |
102 | A more extensible protocol should be used. |