summaryrefslogtreecommitdiffstats
path: root/crypto/heimdal/appl/rsh/rsh.1
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/heimdal/appl/rsh/rsh.1')
-rw-r--r--crypto/heimdal/appl/rsh/rsh.1121
1 files changed, 75 insertions, 46 deletions
diff --git a/crypto/heimdal/appl/rsh/rsh.1 b/crypto/heimdal/appl/rsh/rsh.1
index 82c1f6c..2999dc0 100644
--- a/crypto/heimdal/appl/rsh/rsh.1
+++ b/crypto/heimdal/appl/rsh/rsh.1
@@ -29,9 +29,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $Id: rsh.1,v 1.6 2003/04/16 19:57:25 lha Exp $
+.\" $Id: rsh.1 13394 2004-02-20 12:21:42Z joda $
.\"
-.Dd September 4, 2002
+.Dd February 20, 2004
.Dt RSH 1
.Os HEIMDAL
.Sh NAME
@@ -85,9 +85,9 @@ option.
.Xc
The
.Fl K
-option turns off all Kerberos authentication. The long name implies
-that this is more or less totally unsecure. The security in this mode
-relies on reserved ports, which is not very secure.
+option turns off all Kerberos authentication. The security in this
+mode relies on reserved ports. The long name is an indication of how
+good this is.
.It Xo
.Fl n ,
.Fl -no-input
@@ -99,6 +99,10 @@ option directs the input from the
device (see the
.Sx BUGS
section of this manual page).
+.It Fl d
+Enable
+.Xr setsockopt 2
+socket debugging.
.It Xo
.Fl e ,
.Fl -no-stderr
@@ -120,45 +124,48 @@ section for limitations).
.Xc
The opposite of
.Fl x .
-This is the default, but encryption can be enabled when using
-Kerberos 5, by setting the
-.Li libdefaults/encrypt
-option in
-.Xr krb5.conf 5 .
+This is the default, and is mainly useful if encryption has been
+enabled by default, for instance in the
+.Li appdefaults
+section of
+.Pa /etc/krb5.conf
+when using Kerberos 5.
.It Xo
.Fl f ,
.Fl -forward
.Xc
-Forward Kerberos 5 credentials to the remote host. Also controlled by
-.Li libdefaults/forward
-in
-.Xr krb5.conf 5 .
-.It Xo
-.Fl G
-.Xc
-The opposite of
-.Fl f .
+Forward Kerberos 5 credentials to the remote host.
+Also settable via
+.Li appdefaults
+(see
+.Xr krb5.conf ) .
.It Xo
.Fl F ,
.Fl -forwardable
.Xc
-Make the forwarded credentials re-forwardable. Also controlled by
-.Li libdefaults/forwardable
-in
-.Xr krb5.conf 5 .
+Make the forwarded credentials re-forwardable.
+Also settable via
+.Li appdefaults
+(see
+.Xr krb5.conf ) .
.It Xo
-.Fl u ,
-.Fl -unique
+.Fl l Ar string ,
+.Fl -user= Ns Ar string
.Xc
-Make sure the remote credentials cache is unique, that is, don't reuse
-any existing cache. Mutually exclusive to
-.Fl U .
+By default the remote username is the same as the local. The
+.Fl l
+option or the
+.Pa username@host
+format allow the remote name to be specified.
.It Xo
-.Fl U Pa string ,
-.Fl -tkfile= Ns Pa string
+.Fl n ,
+.Fl -no-input
.Xc
-Name of the remote credentials cache. Mutually exclusive to
-.Fl u .
+Direct input from
+.Pa /dev/null
+(see the
+.Sx BUGS
+section).
.It Xo
.Fl p Ar number-or-service ,
.Fl -port= Ns Ar number-or-service
@@ -169,30 +176,52 @@ Kerberos 4, and 545 for encrytpted Kerberos 4; subject of course to
the contents of
.Pa /etc/services ) .
.It Xo
-.Fl l Ar string ,
-.Fl -user= Ns Ar string
-.Xc
-By default the remote username is the same as the local. The
-.Fl l
-option or the
-.Pa username@host
-format allow the remote name to be specified.
-.It Xo
.Fl P Ar N|O|1|2 ,
.Fl -protocol= Ns Ar N|O|1|2
.Xc
-Specifies which protocol version to use with Kerberos 5.
+Specifies the protocol version to use with Kerberos 5.
.Ar N
and
.Ar 2
-selects protocol version 2, while
+select protocol version 2, while
.Ar O
and
.Ar 1
-selects version 1. Version 2 is believed to be more secure, and is the
+select version 1. Version 2 is believed to be more secure, and is the
default. Unless asked for a specific version,
.Nm
will try both. This behaviour may change in the future.
+.It Xo
+.Fl u ,
+.Fl -unique
+.Xc
+Make sure the remote credentials cache is unique, that is, don't reuse
+any existing cache. Mutually exclusive to
+.Fl U .
+.It Xo
+.Fl U Pa string ,
+.Fl -tkfile= Ns Pa string
+.Xc
+Name of the remote credentials cache. Mutually exclusive to
+.Fl u .
+.It Xo
+.Fl x ,
+.Fl -encrypt
+.Xc
+The
+.Fl x
+option enables encryption for all data exchange. This is only valid
+for Kerberos authenticated connections (see the
+.Sx BUGS
+section for limitations).
+.It Fl z
+The opposite of
+.Fl x .
+This is the default, but encryption can be enabled when using
+Kerberos 5, by setting the
+.Li libdefaults/encrypt
+option in
+.Xr krb5.conf 5 .
.El
.\".Pp
.\"Without a
@@ -208,7 +237,7 @@ machine.
.Pp
The following command:
.Pp
-.Dl rsh otherhost cat remotefile > localfile
+.Dl rsh otherhost cat remotefile \*[Gt] localfile
.Pp
will write the contents of the remote
.Pa remotefile
@@ -216,7 +245,7 @@ to the local
.Pa localfile ,
but:
.Pp
-.Dl rsh otherhost 'cat remotefile > remotefile2'
+.Dl rsh otherhost 'cat remotefile \*[Gt] remotefile2'
.Pp
will write it to the remote
.Pa remotefile2 .
OpenPOWER on IntegriCloud