unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (OSF1-V5.1-alpha)
Page:
Section:
Apropos / Subsearch:
optional field



rlogind(8)							   rlogind(8)



NAME

  rlogind - The	remote login server

SYNOPSIS

  rlogind [-aln]

OPTIONS

  -a  Requests the addresses for the hostname, verifying that the name and
      address correspond.  Normal authentication is bypassed if	the address
      verification fails.

  -l  Prevents authentication based on the user's $HOME/.rhosts	file, unless
      the user is logging in as	the superuser.

  -n  Disables transport-level,	keep-alive messages. The messages are enabled
      by default.

DESCRIPTION

  The rlogind daemon is	the server for the rlogin(1) program.  The server
  provides a remote login facility with	authentication based on	privileged
  port numbers from trusted hosts.

  The rlogind daemon listens for service requests at the port indicated	in
  the login service specification; see services(4).  When a service request
  is received, the following protocol is initiated:

   1.  The server checks the client's source port. If the port is not in the
       range 512 to 1023, the server aborts the	connection.

   2.  The server checks the client's source address and requests the
       corresponding hostname (see gethostbyaddr(3), hosts(4) and named(8).
       If the hostname cannot be determined, the dot-notation representation
       of the host address is used.  If	the hostname is	in the same domain as
       the server (according to	the last two components	of the domain name),
       or if the -a option is given, the addresses for the hostname are
       requested, verifying that the name and address correspond. Normal
       authentication is bypassed if the address verification fails.

  Once the source port and address have	been checked, rlogind proceeds with
  the authentication process described in rshd(8).  It then allocates a	pseu-
  doterminal (see pty(7)), and manipulates file	descriptors so that the	slave
  half of the pseudoterminal becomes the stdin,	stdout,	and stderr for a
  login	process.  The login process is an instance of the login(1) program
  invoked with the -f option if	authentication has succeeded.  If automatic
  authentication fails,	the user is prompted to	log in as if on	a standard
  terminal line.  The -l option	prevents any authentication based on the
  user's .rhosts file, unless the user is logging in as	the superuser.


  By default, the rlogind daemon starts	the login dialog using the login
  string specified in the message field	of the /etc/gettydefs file. If you
  want to use a	customized banner, create an /etc/issue.net or /etc/issue
  file.	The rlogind daemon reads the file that exists and writes its contents
  to stdout prior to starting the login	dialog.	 If both files exist, only
  the /etc/issue.net file is used.

  The parent of	the login process manipulates the master side of the pseu-
  doterminal, operating	as an intermediary between the login process and the
  client instance of the rlogin	program.  In normal operation, the packet
  protocol described in	pty(7) is invoked to provide<&lt;Ctrl-s>&gt;/<&lt;Ctrl-q>&gt; type
  facilities and propagate interrupt signals to	the remote programs. The
  login	process	propagates the client terminal's baud rate and terminal	type,
  as found in the TERM environment variable.  The screen or window size	of
  the terminal is requested from the client, and window	size changes from the
  client are propagated	to the pseudoterminal.

  Transport-level, keep-alive messages are enabled unless the -n option	is
  present.  The	use of keep-alive messages allows sessions to be timed out if
  the client crashes or	becomes	unreachable.

  Note that the	authentication procedure used here assumes the integrity of
  each client machine and the connecting medium.  This is insecure, but	is
  useful in an open environment.

DIAGNOSTICS

  All initial diagnostic messages are indicated	by a leading byte with a
  value	of 1 (one), after which	any network connections	are closed. If there
  are no errors	before login is	invoked, a null	byte is	returned as an indi-
  cation of success.

  Try again.
      A	fork by	the server failed.

FILES

  /usr/sbin/rlogind
      Specifies	the command path

SEE ALSO

  Commands: login(1)

  Daemons: rshd(8)

  Files: issue(4), issue.net

  Functions: ruserok(3)