[unix-history] / usr / src / usr.bin / rlogin / rlogin.1

.\" Copyright (c) 1983, 1990 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\"     @(#)rlogin.1	6.17.1.1 (Berkeley) %G%
.\"
.Dd 
.Dt RLOGIN 1
.Os BSD 4.2
.Sh NAME
.Nm rlogin
.Nd remote login
.Sh SYNOPSIS
.Ar rlogin
.Op Fl 8EKLd
.Op Fl e Ar char
.Op Fl k Ar realm
.Op Fl l Ar username
.Ar host
.Sh DESCRIPTION
.Nm Rlogin
starts a terminal session on a remote host
.Ar host  .
.Pp
.Nm Rlogin
first attempts to use the Kerberos authorization mechanism, described below.
If the remote host does not supporting Kerberos the standard Berkeley
.Pa rhosts
authorization mechanism is used.
The options are as follows:
.Tw Fl
.Tp Fl 8
The
.Fl 8
option allows an eight-bit input data path at all times; otherwise
parity bits are stripped except when the remote side's stop and start
characters are other than ^S/^Q.
.Tp Fl E
The
.Fl E
option stops any character from being recognized as an escape character.
When used with the
.Fl 8
option, this provides a completely transparent connection.
.Tp Fl K
The
.Fl K
option turns off all Kerberos authentication.
.Tp Fl L
The
.Fl L
option allows the rlogin session to be run in ``litout'' (see
.Xr tty  4  )
mode.
.Tp Fl d
The
.Fl d
option turns on socket debugging (see
.Xr setsockopt  2  )
on the TCP sockets used for communication with the remote host.
.Tp Fl e
The
.Fl e
option allows user specification of the escape character, which is
``~'' by default.
This specification may be as a literal character, or as an octal
value in the form \ennn.
.Tp Fl k
The
.FL k
option requests rlogin to obtain tickets for the remote host
in realm
.Ar realm
instead of the remote host's realm as determined by
.Xr krb_realmofhost  3  .
.Tp
.Pp
A line of the form ``<escape char>.'' disconnects from the remote host.
Similarly, the line ``<escape char>^Z'' will suspend the
.Nm rlogin
session, and ``<escape char><delayed-suspend char>'' suspends the
send portion of the rlogin, but allows output from the remote system.
By default, the tilde (``~'') character is the escape character, and
normally control-Y (``^Y'') is the delayed-suspend character.
.Pp
All echoing takes place at the remote site, so that (except for delays)
the
.Nm rlogin
is transparent.
Flow control via ^S/^Q and flushing of input and output on interrupts
are handled properly.
.Sh KERBEROS AUTHENTICATION
Each user may have a private authorization list in the file
.Pa .klogin
in their home directory.
Each line in this file should contain a Kerberos principal name of the
form
.Ar principal.instance@realm  .
If the originating user is authenticated to one of the principals named
in
.Pa .klogin ,
access is granted to the account.
The principal
.Ar accountname.@localrealm
is granted access if
there is no
.Pa .klogin
file.
Otherwise a login and password will be prompted for on the remote machine
as in
.Xr login  1  .
To avoid certain security problems, the
.Pa .klogin
file must be owned by
the remote user.
.Pp
If Kerberos authentication fails, a warning message is printed and the
standard Berkeley
.Em rlogin
is used instead.
.Sh ENVIRONMENT
The following environment variable is utilized by
.Nm rlogin :
.Tw Fl
.Tp Ev TERM
to find user's terminal type.
.Tp
.Sh SEE ALSO
.Xr rsh 1 ,
.Xr kerberos 3 ,
.Xr krb_sendauth 3 ,
.Xr krb_realmofhost 3
.Sh HISTORY
.Nm Rlogin
appeared in 4.2 BSD.
.Sh BUGS
.Nm Rlogin
will be replaced by
.Xr telnet  1
in the near future.
.Pp
More of the environment should be propagated.
Commit	Line	Data
afe1e594	1	.\" Copyright (c) 1983, 1990 The Regents of the University of California.
9e682bbf	2	.\" All rights reserved.
3f1cd9e6	3	.\"
3c003a08	4	.\" %sccs.include.redist.man%
3f1cd9e6	5	.\"
83a41c77	6	.\" @(#)rlogin.1 6.17.1.1 (Berkeley) %G%
9e682bbf	7	.\"
5325ced3 CL	8	.Dd
	9	.Dt RLOGIN 1
	10	.Os BSD 4.2
	11	.Sh NAME
	12	.Nm rlogin
	13	.Nd remote login
	14	.Sh SYNOPSIS
	15	.Ar rlogin
83a41c77	16	.Op Fl 8EKLd
5325ced3 CL	17	.Op Fl e Ar char
	18	.Op Fl k Ar realm
	19	.Op Fl l Ar username
	20	.Ar host
	21	.Sh DESCRIPTION
	22	.Nm Rlogin
afe1e594	23	starts a terminal session on a remote host
5325ced3 CL	24	.Ar host .
	25	.Pp
	26	.Nm Rlogin
afe1e594 KB	27	first attempts to use the Kerberos authorization mechanism, described below.
afe1e594 KB	28	If the remote host does not supporting Kerberos the standard Berkeley
5325ced3	29	.Pa rhosts
afe1e594 KB	30	authorization mechanism is used.
afe1e594 KB	31	The options are as follows:
5325ced3 CL	32	.Tw Fl
	33	.Tp Fl 8
	34	The
	35	.Fl 8
	36	option allows an eight-bit input data path at all times; otherwise
afe1e594 KB	37	parity bits are stripped except when the remote side's stop and start
afe1e594 KB	38	characters are other than ^S/^Q.
999d0d08 KB	39	.Tp Fl E
	40	The
	41	.Fl E
	42	option stops any character from being recognized as an escape character.
	43	When used with the
	44	.Fl 8
	45	option, this provides a completely transparent connection.
5325ced3 CL	46	.Tp Fl K
	47	The
	48	.Fl K
	49	option turns off all Kerberos authentication.
	50	.Tp Fl L
	51	The
	52	.Fl L
	53	option allows the rlogin session to be run in ``litout'' (see
	54	.Xr tty 4 )
afe1e594	55	mode.
5325ced3 CL	56	.Tp Fl d
	57	The
	58	.Fl d
	59	option turns on socket debugging (see
	60	.Xr setsockopt 2 )
afe1e594	61	on the TCP sockets used for communication with the remote host.
5325ced3	62	.Tp Fl e
5325ced3 CL	63	The
5325ced3 CL	64	.Fl e
999d0d08 KB	65	option allows user specification of the escape character, which is
	66	``~'' by default.
	67	This specification may be as a literal character, or as an octal
	68	value in the form \ennn.
5325ced3 CL	69	.Tp Fl k
	70	The
	71	.FL k
	72	option requests rlogin to obtain tickets for the remote host
afe1e594	73	in realm
5325ced3 CL	74	.Ar realm
	75	instead of the remote host's realm as determined by
	76	.Xr krb_realmofhost 3 .
5325ced3 CL	77	.Tp
5325ced3 CL	78	.Pp
999d0d08 KB	79	A line of the form ``<escape char>.'' disconnects from the remote host.
999d0d08 KB	80	Similarly, the line ``<escape char>^Z'' will suspend the
5325ced3	81	.Nm rlogin
999d0d08 KB	82	session, and ``<escape char><delayed-suspend char>'' suspends the
	83	send portion of the rlogin, but allows output from the remote system.
	84	By default, the tilde (``~'') character is the escape character, and
	85	normally control-Y (``^Y'') is the delayed-suspend character.
5325ced3	86	.Pp
afe1e594 KB	87	All echoing takes place at the remote site, so that (except for delays)
afe1e594 KB	88	the
5325ced3	89	.Nm rlogin
afe1e594 KB	90	is transparent.
	91	Flow control via ^S/^Q and flushing of input and output on interrupts
	92	are handled properly.
5325ced3 CL	93	.Sh KERBEROS AUTHENTICATION
	94	Each user may have a private authorization list in the file
	95	.Pa .klogin
afe1e594 KB	96	in their home directory.
afe1e594 KB	97	Each line in this file should contain a Kerberos principal name of the
5325ced3 CL	98	form
5325ced3 CL	99	.Ar principal.instance@realm .
bd97c21a	100	If the originating user is authenticated to one of the principals named
5325ced3 CL	101	in
	102	.Pa .klogin ,
	103	access is granted to the account.
	104	The principal
	105	.Ar accountname.@localrealm
	106	is granted access if
	107	there is no
	108	.Pa .klogin
	109	file.
afe1e594 KB	110	Otherwise a login and password will be prompted for on the remote machine
afe1e594 KB	111	as in
5325ced3 CL	112	.Xr login 1 .
	113	To avoid certain security problems, the
	114	.Pa .klogin
	115	file must be owned by
bd97c21a	116	the remote user.
5325ced3	117	.Pp
afe1e594 KB	118	If Kerberos authentication fails, a warning message is printed and the
afe1e594 KB	119	standard Berkeley
5325ced3	120	.Em rlogin
afe1e594	121	is used instead.
5325ced3 CL	122	.Sh ENVIRONMENT
	123	The following environment variable is utilized by
	124	.Nm rlogin :
	125	.Tw Fl
	126	.Tp Ev TERM
	127	to find user's terminal type.
	128	.Tp
	129	.Sh SEE ALSO
	130	.Xr rsh 1 ,
	131	.Xr kerberos 3 ,
	132	.Xr krb_sendauth 3 ,
	133	.Xr krb_realmofhost 3
	134	.Sh HISTORY
	135	.Nm Rlogin
	136	appeared in 4.2 BSD.
	137	.Sh BUGS
	138	.Nm Rlogin
afe1e594	139	will be replaced by
5325ced3	140	.Xr telnet 1
afe1e594	141	in the near future.
5325ced3	142	.Pp
db8b94d6	143	More of the environment should be propagated.