Commit | Line | Data |
---|---|---|
df119935 KB |
1 | .\" Copyright (c) 1983 The Regents of the University of California. |
2 | .\" All rights reserved. | |
8412ed9b | 3 | .\" |
ac473880 | 4 | .\" %sccs.include.redist.man% |
8412ed9b | 5 | .\" |
ac473880 | 6 | .\" @(#)rexecd.8 6.4 (Berkeley) %G% |
df119935 KB |
7 | .\" |
8 | .TH REXECD 8 "" | |
8412ed9b KM |
9 | .UC 5 |
10 | .SH NAME | |
11 | rexecd \- remote execution server | |
12 | .SH SYNOPSIS | |
ac473880 | 13 | .B rexecd |
8412ed9b KM |
14 | .SH DESCRIPTION |
15 | .I Rexecd | |
16 | is the server for the | |
df119935 | 17 | .IR rexec (3) |
8412ed9b | 18 | routine. The server provides remote execution facilities |
e21fbf8d | 19 | with authentication based on user names and |
8412ed9b KM |
20 | passwords. |
21 | .PP | |
22 | .I Rexecd | |
23 | listens for service requests at the port indicated in | |
24 | the ``exec'' service specification; see | |
25 | .IR services (5). | |
26 | When a service request is received the following protocol | |
27 | is initiated: | |
28 | .IP 1) | |
29 | The server reads characters from the socket up | |
30 | to a null (`\e0') byte. The resultant string is | |
31 | interpreted as an ASCII number, base 10. | |
32 | .IP 2) | |
33 | If the number received in step 1 is non-zero, | |
34 | it is interpreted as the port number of a secondary | |
35 | stream to be used for the | |
36 | .BR stderr . | |
37 | A second connection is then created to the specified | |
38 | port on the client's machine. | |
39 | .IP 3) | |
40 | A null terminated user name of at most 16 characters | |
41 | is retrieved on the initial socket. | |
42 | .IP 4) | |
e21fbf8d | 43 | A null terminated, unencrypted password of at most |
8412ed9b KM |
44 | 16 characters is retrieved on the initial socket. |
45 | .IP 5) | |
46 | A null terminated command to be passed to a | |
47 | shell is retrieved on the initial socket. The length of | |
48 | the command is limited by the upper bound on the size of | |
49 | the system's argument list. | |
50 | .IP 6) | |
51 | .I Rexecd | |
52 | then validates the user as is done at login time | |
53 | and, if the authentication was successful, changes | |
54 | to the user's home directory, and establishes the user | |
55 | and group protections of the user. | |
56 | If any of these steps fail the connection is | |
57 | aborted with a diagnostic message returned. | |
58 | .IP 7) | |
e21fbf8d | 59 | A null byte is returned on the initial socket |
8412ed9b KM |
60 | and the command line is passed to the normal login |
61 | shell of the user. The | |
62 | shell inherits the network connections established | |
63 | by | |
64 | .IR rexecd . | |
65 | .SH DIAGNOSTICS | |
e21fbf8d JL |
66 | Except for the last one listed below, |
67 | all diagnostic messages are returned on the initial socket, | |
8412ed9b KM |
68 | after which any network connections are closed. |
69 | An error is indicated by a leading byte with a value of | |
70 | 1 (0 is returned in step 7 above upon successful completion | |
71 | of all the steps prior to the command execution). | |
72 | .PP | |
73 | .B ``username too long'' | |
74 | .br | |
75 | The name is | |
76 | longer than 16 characters. | |
77 | .PP | |
78 | .B ``password too long'' | |
79 | .br | |
80 | The password is longer than 16 characters. | |
81 | .PP | |
82 | .B ``command too long '' | |
83 | .br | |
84 | The command line passed exceeds the size of the argument | |
85 | list (as configured into the system). | |
86 | .PP | |
87 | .B ``Login incorrect.'' | |
88 | .br | |
89 | No password file entry for the user name existed. | |
90 | .PP | |
91 | .B ``Password incorrect.'' | |
92 | .br | |
93 | The wrong was password supplied. | |
94 | .PP | |
95 | .B ``No remote directory.'' | |
96 | .br | |
97 | The | |
98 | .I chdir | |
99 | command to the home directory failed. | |
100 | .PP | |
101 | .B ``Try again.'' | |
102 | .br | |
103 | A | |
104 | .I fork | |
105 | by the server failed. | |
106 | .PP | |
e21fbf8d | 107 | .B ``<shellname>: ...'' |
8412ed9b KM |
108 | .br |
109 | The user's login shell could not be started. | |
e21fbf8d JL |
110 | This message is returned |
111 | on the connection associated with the | |
112 | .BR stderr , | |
113 | and is not preceded by a flag byte. | |
114 | .SH SEE ALSO | |
df119935 | 115 | rexec(3) |
8412ed9b KM |
116 | .SH BUGS |
117 | Indicating ``Login incorrect'' as opposed to ``Password incorrect'' | |
118 | is a security breach which allows people to probe a system for users | |
119 | with null passwords. | |
120 | .PP | |
e21fbf8d | 121 | A facility to allow all data and password exchanges to be encrypted should be |
8412ed9b | 122 | present. |