SCCS-vsn: libexec/rshd/rshd.8 6.3
SCCS-vsn: libexec/rlogind/rlogind.8 6.3
.\" All rights reserved. The Berkeley software License Agreement
.\" specifies the terms and conditions for redistribution.
.\"
.\" All rights reserved. The Berkeley software License Agreement
.\" specifies the terms and conditions for redistribution.
.\"
-.\" @(#)rlogind.8 6.2 (Berkeley) %G%
+.\" @(#)rlogind.8 6.3 (Berkeley) %G%
.\"
.TH RLOGIND 8C ""
.UC 5
.\"
.TH RLOGIND 8C ""
.UC 5
If the port is not in the range 0-1023, the server
aborts the connection.
.IP 2)
If the port is not in the range 0-1023, the server
aborts the connection.
.IP 2)
-The server checks the client's source address.
-If the address is associated with a host for which no
-corresponding entry exists in the host name data base (see
+The server checks the client's source address
+and requests the corresponding host name (see
.IR gethostbyaddr (3N),
.IR hosts (5)
and
.IR gethostbyaddr (3N),
.IR hosts (5)
and
+.IR named (8)).
+If the hostname cannot be determined,
the dot-notation representation of the host address is used.
.PP
Once the source port and address have been checked,
the dot-notation representation of the host address is used.
.PP
Once the source port and address have been checked,
.PP
A facility to allow all data exchanges to be encrypted should be
present.
.PP
A facility to allow all data exchanges to be encrypted should be
present.
+.PP
+A more extensible protocol should be used.
.\" All rights reserved. The Berkeley software License Agreement
.\" specifies the terms and conditions for redistribution.
.\"
.\" All rights reserved. The Berkeley software License Agreement
.\" specifies the terms and conditions for redistribution.
.\"
-.\" @(#)rshd.8 6.2 (Berkeley) %G%
+.\" @(#)rshd.8 6.3 (Berkeley) %G%
routine and, consequently, for the
.IR rsh (1C)
program. The server provides remote execution facilities
routine and, consequently, for the
.IR rsh (1C)
program. The server provides remote execution facilities
-with authentication based on privileged port numbers.
+with authentication based on privileged port numbers from trusted hosts.
.PP
.I Rshd
listens for service requests at the port indicated in
.PP
.I Rshd
listens for service requests at the port indicated in
port on the client's machine. The source port of this
second connection is also in the range 0-1023.
.IP 4)
port on the client's machine. The source port of this
second connection is also in the range 0-1023.
.IP 4)
-The server checks the client's source address.
-If the address is associated with a host for which no
-corresponding entry exists in the host name data base (see
-.IR hosts (5)),
-the server aborts the connection.
+The server checks the client's source address
+and requests the corresponding host name (see
+.IR gethostbyaddr (3N),
+.IR hosts (5)
+and
+.IR named (8)).
+If the hostname cannot be determined,
+the dot-notation representation of the host address is used.
.IP 5)
A null terminated user name of at most 16 characters
is retrieved on the initial socket. This user name
.IP 5)
A null terminated user name of at most 16 characters
is retrieved on the initial socket. This user name
.IP 8)
.I Rshd
then validates the user according to the following steps.
.IP 8)
.I Rshd
then validates the user according to the following steps.
-The remote user name is looked up in the password file
+The local (server-end) user name is looked up in the password file
and a
.I chdir
is performed to the user's home directory. If either
and a
.I chdir
is performed to the user's home directory. If either
The command line passed exceeds the size of the argument
list (as configured into the system).
.PP
The command line passed exceeds the size of the argument
list (as configured into the system).
.PP
-.B ``Host name for your address unknown.''
-.br
-No entry in the host name database existed for
-the client's machine.
-.PP
.B ``Login incorrect.''
.br
No password file entry for the user name existed.
.B ``Login incorrect.''
.br
No password file entry for the user name existed.
.PP
A facility to allow all data exchanges to be encrypted should be
present.
.PP
A facility to allow all data exchanges to be encrypted should be
present.
+.PP
+A more extensible protocol should be used.