Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   1130 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

RLOGIND(8)							    RLOGIND(8)

NAME
       rlogind - remote login server

SYNOPSIS
       rlogind [ -aln ]

DESCRIPTION
       Rlogind is the server for the rlogin(1) program.	 The server provides a
       remote login facility with authentication based on privileged port num‐
       bers from trusted hosts.

       Rlogind	listens	 for  service  requests	 at  the port indicated in the
       ``login'' service  specification;  see  services(5).   When  a  service
       request is received the following protocol is initiated:

       1)     The  server checks the client's source port.  If the port is not
	      in the range 512-1023, the server aborts the connection.

       2)     The server checks the client's source address and	 requests  the
	      corresponding  host name (see IR gethostbyaddr (3), hosts(5) and
	      named(8)).  If the hostname cannot be determined, the  dot-nota‐
	      tion  representation  of the host address is used.  If the host‐
	      name is in the same domain as the server (according to the  last
	      two  components  of  the	domain	name),	or if the -a option is
	      given, the addresses for the hostname are	 requested,  verifying
	      that  the name and address correspond.  Normal authentication is
	      bypassed if the address verification fails.

       Once the source port and address have been  checked,  rlogind  proceeds
       with  the  authentication  process described in rshd(8).	 It then allo‐
       cates a pseudo terminal (see pty(4)), and manipulates file  descriptors
       so  that the slave half of the pseudo terminal becomes the stdin , std‐
       out , and stderr for a login process.  The login process is an instance
       of  the	login(1) program, invoked with the -f option if authentication
       has succeeded.  If automatic authentication fails, the user is prompted
       to  log	in  as if on a standard terminal line.	The -l option prevents
       any authentication based on the user's  ``.rhosts''  file,  unless  the
       user is logging in as the superuser.

       The  parent  of	the  login  process manipulates the master side of the
       pseudo terminal, operating as an intermediary between the login process
       and  the	 client	 instance of the rlogin program.  In normal operation,
       the packet protocol described in pty(4) is  invoked  to	provide	 ^S/^Q
       type facilities and propagate interrupt signals to the remote programs.
       The login process propagates the client terminal's baud rate and termi‐
       nal  type,  as  found  in the environment variable, ``TERM''; see envi‐
       ron(7).	The screen or window size of the terminal  is  requested  from
       the  client,  and window size changes from the client are propagated to
       the pseudo terminal.

       Transport-level keepalive messages are enabled unless the -n option  is
       present.	 The use of keepalive messages allows sessions to be timed out
       if the client crashes or becomes unreachable.

DIAGNOSTICS
       All initial diagnostic messages are indicated by a leading byte with  a
       value  of  1, after which any network connections are closed.  If there
       are no errors before login is invoked, a null byte is  returned	as  in
       indication of success.

       ``Try again.''
       A fork by the server failed.

SEE ALSO
       login(1), ruserok(3), rshd(8)

BUGS
       The  authentication  procedure  used here assumes the integrity of each
       client machine and the connecting medium.  This	is  insecure,  but  is
       useful in an ``open'' environment.

       A  facility  to	allow  all  data  exchanges  to be encrypted should be
       present.

       A more extensible protocol should be used.

4.2 Berkeley Distribution	 June 24, 1990			    RLOGIND(8)

                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 

Vote for polarhome