.\" Copyright (c) 1983, 1993
.\" The Regents of the University of California. All rights reserved.
.\" %sccs.include.redist.man%
.\" @(#)telnetd.8 8.3 (Berkeley) %G%
.Op Fl r Ns Ar lowpty-highpty
command is a server which supports the
virtual terminal protocol.
is normally invoked by the internet server (see
for requests to connect to the
option may be used to start up
manually, instead of through
command accepts the following options:
.Bl -tag -width "-a authmode"
This option may be used for specifying what mode should
be used for authentication.
Note that this option is only useful if
has been compiled with support for the
There are several valid values for
Turns on authentication debugging code.
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user,
and is allowed access to the specified account
without providing a password.
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user.
command will provide any additional user verification
needed if the remote user is not allowed automatic
access to the specified account.
Only allow connections that supply some authentication information.
This option is currently not supported
by any of the existing authentication mechanisms,
and is thus the same as specifying
This is the default state.
Authentication information is not required.
If no or insufficient authentication information
program will provide the necessary user
This disables the authentication code.
All user verification will happen through the
Specifies bftp server mode. In this mode,
session rather than the user's
normal shell. In bftp daemon mode normal
logins are not supported, and it must be used
on a port other than the normal
This option may be used for debugging purposes.
to print out debugging information
to the connection, allowing the user to see what
There are several possible values for
Prints information about the negotiation of
information, plus some additional information
about what processing is going on.
Displays the data stream received by
Displays data written to the pty.
Has not been implemented yet.
Enables debugging on each socket created by
has been compiled with support for data encryption, then the
option may be used to enable encryption debugging code.
Disables the printing of host-specific information before
login has been completed.
This option is only applicable to
to use when init starts login sessions. The default
This option is only useful if
has been compiled with both linemode and kludge linemode
option is specified, then if the remote client does not
will operate in character at a time mode.
It will still support kludge linemode, but will only
go into kludge linemode if the remote client requests
(This is done by by the client sending
.Dv DONT SUPPRESS-GO-AHEAD
option is most useful when there are remote clients
that do not support kludge linemode, but pass the heuristic
for kludge linemode support.
Specifies line mode. Tries to force clients to use line-
option is not supported, it will go
keep-alive mechanism to probe connections that
have been idle for some period of time to determine
if the client is still there, so that idle connections
from machines that have crashed or can no longer
be reached may be cleaned up.
.It Fl r Ar lowpty-highpty
This option is only enabled when
It specifies an inclusive range of pseudo-terminal devices to
use. If the system has sysconf variable
configured, the default pty search range is 0 to
otherwise, the default range is 0 to 128. Either
may be omitted to allow changing
either end of the search range. If
is omitted, the - character is still required so that
This option is only enabled if
is compiled with support for
option to be passed on to
and thus is only useful if
flag to indicate that only
validated logins are allowed, and is
usually useful for controlling remote logins
from outside of a firewall.
This option is used to specify the size of the field
structure that holds the remote host name.
If the resolved host name is longer than
the dotted decimal value will be used instead.
This allows hosts with very long host names that
overflow this field to still be uniquely identified.
indicates that only dotted decimal addresses
to refuse connections from addresses that
cannot be mapped back into a symbolic name
This option is only valid if
has been built with support for the authentication option.
can be used to temporarily disable
a specific authentication type without having to recompile
operates by allocating a pseudo-terminal device (see
for a client, then creating a login process which has
the slave side of the pseudo-terminal as
manipulates the master side of the pseudo-terminal,
protocol and passing characters
between the remote client and the login process.
options to the client side indicating
options, which are described in more detail below:
.Bd -literal -offset indent
The pseudo-terminal allocated to the client is configured
to operate in \*(lqcooked\*(rq mode, and with
has support for enabling locally the following
.Bl -tag -width "DO AUTHENTICATION"
will be sent to the client to indicate the
current state of terminal echoing.
When terminal echo is not desired, a
will take care of echoing any data that needs to be
echoed to the terminal, and then nothing is echoed.
When terminal echo is desired, a
will not be doing any terminal echoing, so the
client should do any terminal echoing that is needed.
Indicates that the client is willing to send a
8 bits of data, rather than the normal 7 bits
of the Network Virtual Terminal.
Indicates that it will not be sending
Indicates a willingness to send the client, upon
request, of the current status of all
command is received, it is always responded
is sent in response, and the
is compiled with support for data encryption, and
indicates a willingness to decrypt
has support for enabling remotely the following
.Bl -tag -width "DO AUTHENTICATION"
is willing to receive an 8 bit data stream.
Requests that the client handle flow control
This is not really supported, but is sent to identify a 4.2BSD
client, which will improperly respond with
will be sent in response.
Indicates a desire to be able to request the
name of the type of terminal that is attached
to the client side of the connection.
Indicates that it does not need to receive
Requests that the client inform the server when
the window (display) size changes.
Indicates a desire to be able to request information
about the speed of the serial line to which
Indicates a desire to be able to request the name
of the X windows display that is associated with
Indicates a desire to be able to request environment
variable information, as described in RFC 1572.
Indicates a desire to be able to request environment
variable information, as described in RFC 1408.
is compiled with support for linemode, and
requests that the client do line by line processing.
is compiled with support for both linemode and
kludge linemode, and the client responded with
If the client responds with
the it is assumed that the client supports
option can be used to disable this.
is compiled with support for authentication, and
indicates a willingness to receive authentication
information for automatic login.
is compiled with support for data encryption, and
indicates a willingness to decrypt
.Bl -tag -compact -width RFC-1572
TELNET OPTION SPECIFICATIONS
TELNET BINARY TRANSMISSION
TELNET SUPPRESS GO AHEAD OPTION
TELNET TIMING MARK OPTION
TELNET EXTENDED OPTIONS - LIST OPTION
TELNET END OF RECORD OPTION
Telnet Window Size Option
Telnet Terminal Speed Option
Telnet Terminal-Type Option
Telnet X Display Location Option
Requirements for Internet Hosts -- Application and Support
Telnet Remote Flow Control Option
Telnet Authentication Option
Telnet Authentication: Kerberos Version 4
Telnet Authentication: SPX
Telnet Environment Option Interoperability Issues
Telnet Environment Option
commands are only partially implemented.
Because of bugs in the original 4.2 BSD
performs some dubious protocol exchanges to try to discover if the remote
client is, in fact, a 4.2 BSD
has no common interpretation except between similar operating systems
The terminal type name received from the remote client is converted to