Commit | Line | Data |
---|---|---|
eb97b157 KB |
1 | .\" Copyright (c) 1983 The Regents of the University of California. |
2 | .\" All rights reserved. | |
9ada66f8 | 3 | .\" |
eb97b157 KB |
4 | .\" Redistribution and use in source and binary forms are permitted |
5 | .\" provided that the above copyright notice and this paragraph are | |
6 | .\" duplicated in all such forms and that any documentation, | |
7 | .\" advertising materials, and other materials related to such | |
8 | .\" distribution and use acknowledge that the software was developed | |
9 | .\" by the University of California, Berkeley. The name of the | |
10 | .\" University may not be used to endorse or promote products derived | |
11 | .\" from this software without specific prior written permission. | |
12 | .\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR | |
13 | .\" IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED | |
14 | .\" WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | |
9ada66f8 | 15 | .\" |
eb97b157 KB |
16 | .\" @(#)rlogind.8 6.4 (Berkeley) %G% |
17 | .\" | |
18 | .TH RLOGIND 8 "" | |
9ada66f8 KM |
19 | .UC 5 |
20 | .SH NAME | |
21 | rlogind \- remote login server | |
22 | .SH SYNOPSIS | |
23 | .B /etc/rlogind | |
24 | [ | |
25 | .B \-d | |
26 | ] | |
27 | .SH DESCRIPTION | |
28 | .I Rlogind | |
29 | is the server for the | |
30 | .IR rlogin (1C) | |
31 | program. The server provides a remote login facility | |
be1d37d3 | 32 | with authentication based on privileged port numbers from trusted hosts. |
9ada66f8 KM |
33 | .PP |
34 | .I Rlogind | |
35 | listens for service requests at the port indicated in | |
36 | the ``login'' service specification; see | |
37 | .IR services (5). | |
38 | When a service request is received the following protocol | |
39 | is initiated: | |
40 | .IP 1) | |
41 | The server checks the client's source port. | |
42 | If the port is not in the range 0-1023, the server | |
43 | aborts the connection. | |
44 | .IP 2) | |
14dbbfdc MK |
45 | The server checks the client's source address |
46 | and requests the corresponding host name (see | |
be1d37d3 MK |
47 | .IR gethostbyaddr (3N), |
48 | .IR hosts (5) | |
49 | and | |
14dbbfdc MK |
50 | .IR named (8)). |
51 | If the hostname cannot be determined, | |
be1d37d3 | 52 | the dot-notation representation of the host address is used. |
9ada66f8 KM |
53 | .PP |
54 | Once the source port and address have been checked, | |
55 | .I rlogind | |
56 | allocates a pseudo terminal (see | |
57 | .IR pty (4)), | |
58 | and manipulates file descriptors so that the slave | |
59 | half of the pseudo terminal becomes the | |
60 | .B stdin , | |
61 | .B stdout , | |
62 | and | |
63 | .B stderr | |
64 | for a login process. | |
65 | The login process is an instance of the | |
66 | .IR login (1) | |
67 | program, invoked with the | |
68 | .B \-r | |
69 | option. The login process then proceeds with the authentication | |
70 | process as described in | |
71 | .IR rshd (8C), | |
72 | but if automatic authentication fails, it reprompts the user | |
73 | to login as one finds on a standard terminal line. | |
74 | .PP | |
75 | The parent of the login process manipulates the master side of | |
76 | the pseduo terminal, operating as an intermediary | |
77 | between the login process and the client instance of the | |
78 | .I rlogin | |
79 | program. In normal operation, the packet protocol described | |
80 | in | |
81 | .IR pty (4) | |
82 | is invoked to provide ^S/^Q type facilities and propagate | |
83 | interrupt signals to the remote programs. The login process | |
84 | propagates the client terminal's baud rate and terminal type, | |
85 | as found in the environment variable, ``TERM''; see | |
86 | .IR environ (7). | |
be1d37d3 MK |
87 | The screen or window size of the terminal is requested from the client, |
88 | and window size changes from the client are propagated to the pseudo terminal. | |
9ada66f8 KM |
89 | .SH DIAGNOSTICS |
90 | All diagnostic messages are returned on the connection | |
91 | associated with the | |
92 | .BR stderr , | |
93 | after which any network connections are closed. | |
94 | An error is indicated by a leading byte with a value of 1. | |
95 | .PP | |
9ada66f8 KM |
96 | .B ``Try again.'' |
97 | .br | |
98 | A | |
99 | .I fork | |
100 | by the server failed. | |
101 | .PP | |
102 | .B ``/bin/sh: ...'' | |
103 | .br | |
104 | The user's login shell could not be started. | |
105 | .SH BUGS | |
106 | The authentication procedure used here assumes the integrity | |
107 | of each client machine and the connecting medium. This is | |
108 | insecure, but is useful in an ``open'' environment. | |
109 | .PP | |
110 | A facility to allow all data exchanges to be encrypted should be | |
111 | present. | |
14dbbfdc MK |
112 | .PP |
113 | A more extensible protocol should be used. |