unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (HP-UX-11.11)
Page:
Section:
Apropos / Subsearch:
optional field



 telnetd(1M)							 telnetd(1M)




 NAME
      telnetd - TELNET protocol server

 SYNOPSIS
      /usr/lbin/telnetd [-b [bannerfile]] [-s] [-t] [-z] [-TCP_DELAY]

 DESCRIPTION
      The telnetd daemon executes a server that supports the DARPA standard
      TELNET virtual terminal protocol.	 The Internet daemon (inetd)
      executes telnetd when it receives a service request at the port listed
      in the services data base for telnet using the tcp protocol (see
      inetd(1M) and services(4)).

      telnetd operates by allocating a Telnet pseudo-terminal device (see
      tels(7)) for a client, then creating a login process which has the
      slave side of the Telnet pseudo-terminal as stdin, stdout, and stderr.
      telnetd manipulates the master side of the Telnet pseudo-terminal,
      implementing the TELNET protocol, and passing characters between the
      client and login process.

      NOTE: telnetd no longer uses pty(7) devices; instead it uses special
      devices created for TELNET sessions only. For a full description, see
      tels(7).

      When a TELNET session is started up, telnetd sends TELNET options to
      the client side, indicating a willingness to do remote echo of
      characters, to suppress go ahead, and to receive terminal speed and
      terminal type information from the remote client.	 If the remote
      client is willing, the remote terminal type is propagated in the
      environment of the created login process.	 The pseudo-terminal
      allocated to the client is configured as a normal terminal for login,
      with the exception of echoing characters (see tty(7)).

	   telnetd is willing to do: echo, binary, suppress go ahead, and
	   timing mark.

	   telnetd is willing to have the remote client do: binary, flow
	   control, terminal speed, terminal type, and suppress go ahead.

      The flow control option permits applications running on a remote host
      to toggle the flow control on the local host.  To toggle flow control
      for a telnet session programmatically, the application program must
      first call the tcgetattr function to get the current termios settings.
      For example,

	   tcgetattr(filedes, &&amp&amp&termios_p)

      Then, the c_iflag of the termios structure must have IXON set(reset)
      to enable(disable) flow control.





 Hewlett-Packard Company	    - 1 -   HP-UX Release 11i: November 2000






 telnetd(1M)							 telnetd(1M)




      Finally, the tcsetattr function call can implement the change.  For
      example,

	   tcsetattr(filedes, TCSANOW, &&amp&amp&termios_p)

      To toggle the flow control interactively, the user can issue a stty
      command using the input options -ixon to disable, or ixon to enable
      flow control. (see stty(1)).

      The terminal speed option permits applications running on a remote
      host to obtain the terminal speed of the local host session using
      either ioctl or stty.

      The telnet server also supports the TAC User ID (also known as the TAC
      Access Control System, or TACACS User ID) option, whereby users
      telneting to two or more consenting hosts may avoid going through a
      second login sequence.  See the -t option below.

      To start telnetd from the Internet daemon, the configuration file
      /etc/inetd.conf must contain an entry as follows:

	   telnet stream tcp nowait root /usr/lbin/telnetd telnetd

      telnet uses the same files as rlogin to verify participating systems
      and authorized users, hosts.equiv and .rhosts.  (See hosts.equiv(4)
      and the Managing Systems and Workgroups manual for configuration
      details.)

    Options
      telnetd has the following options.

      -b  [bannerfile]	  Specify a file containing a custom banner.  This
			  option overrides the standard telnetd login
			  banner.  For example, to use /etc/issue as the
			  login banner, have inetd start telnetd with the
			  following lines in /etc/inetd.conf (\ provides
			  line continuation):

			  telnet stream tcp nowait root /usr/lbin/telnetd \
			       telnetd -b/etc/issue

			  If bannerfile is not specified, telnetd does not
			  print a login banner.

      -s		  This options allows users to set the BUFFERSIZE
			  value.  This options, when set, informs telnetd
			  the number of user bytes to concatenate before
			  sending to TCP.  This option is set with integer
			  values. There is no specified default.





 Hewlett-Packard Company	    - 2 -   HP-UX Release 11i: November 2000






 telnetd(1M)							 telnetd(1M)




      -t		  Enable the TAC User ID option.  The system
			  administrator can enable the TAC User ID option on
			  servers designated as participating hosts by
			  having inetd start telnetd with the -t option in
			  /etc/inetd.conf:

			  telnet stream tcp nowait root /usr/lbin/telnetd
			  telnetd -t

			  In order for the TAC User ID option to work as
			  specified, the system administrator must assign to
			  all authorized users of the option the same login
			  name and unique user ID (UUID) on every
			  participating system to which they are allowed TAC
			  User ID access.  These same UUIDs should not be
			  assigned to non-authorized users.

			  Users cannot use the feature on systems where
			  their local and remote UUIDs differ, but they can
			  always use the normal telnet login sequence.
			  Also, there may be a potential security breach
			  where a user with one UUID may be able to gain
			  entry to participating systems and accounts where
			  that UUID is assigned to someone else, unless the
			  above restrictions are followed.

			  A typical configuration may consist of one or more
			  secure front-end systems and a network of
			  participating hosts.	Users who have successfully
			  logged onto the front-end system may telnet
			  directly to any participating system without being
			  prompted for another login.

      -z		  This option allows users to set the BUFFERTIMEOUT
			  value. This option, when set, informs telnetd how
			  long it should wait before timing out and flushing
			  the concatenated user data to TCP.  Note that the
			  TIMEOUT value is measured in clock ticks (10ms)
			  and not in seconds.  This option is set with
			  integer values. There is no specified default.

      -TCP_DELAY	  This option allows the users to disable the
			  TCP_NODELAY socket option. When telnetd is invoked
			  with this option, small writes over telnetd may
			  concatenate at the tcp level so that larger tcp
			  packets are sent to the client at less frequent
			  intervals.

      To configure telnetd to have a BUFFERSIZE of 100 bytes and a
      BUFFERTIMEOUT of 100 ticks and the TCP_DELAY ON, the entry in
      /etc/inetd.conf would be:



 Hewlett-Packard Company	    - 3 -   HP-UX Release 11i: November 2000






 telnetd(1M)							 telnetd(1M)




	   telnet  stream tcp nowait root /usr/lbin/telnetd  telnetd -s100 \
	   -z100 -TCP_DELAY

 DIAGNOSTICS
      If any error is encountered by telnetd in establishing the connection,
      an error message is returned through the connection, after which the
      connection is closed and the server exits.  Any errors generated by
      the login process or its descendents are passed through as ordinary
      data.

      The following diagnostic messages are displayed by telnetd:

	   unable to allocate Telnet device

		The server was unable to obtain a Telnet pseudo-terminal for
		use with the login process.  Either all Telnet pseudo-
		terminals were in use or the telm driver has not been
		properly set up (see tels(7)).

		Next step: Check the Telnet pseudo driver configuration of
		the host where telnetd is executing.

	   fork: No more processes

		telnetd was unable to fork a process to handle the incoming
		connection.

		Next step: Wait a period of time and try again.	 If this
		message persists, the server's host may have runaway
		processes that are using all the entries in the process
		table.

	   /usr/bin/login: ...

		The login program could not be started via exec*() for the
		reason indicated (see exec(2)).

 WARNINGS
      The terminal type name received from the remote client is converted to
      lowercase.

      telnetd never sends TELNET go ahead commands.

 AUTHOR
      telnetd was developed by the University of California, Berkeley.

 SEE ALSO
      login(1), rlogin(1), telnet(1), inetd(1M), inetsvcs_sec(1M), ioctl(2),
      hosts(4), inetd.conf(4), inetd.sec(4), services(4), tels(7), stty(1),
      tty(7).




 Hewlett-Packard Company	    - 4 -   HP-UX Release 11i: November 2000






 telnetd(1M)							 telnetd(1M)




      DOD MIL_STD 1782.

      RFC 854 for the TELNET protocol specification.



















































 Hewlett-Packard Company	    - 5 -   HP-UX Release 11i: November 2000