summaryrefslogtreecommitdiffstats
path: root/crypto/kerberosIV/man/rlogind.8
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/kerberosIV/man/rlogind.8')
-rw-r--r--crypto/kerberosIV/man/rlogind.8178
1 files changed, 0 insertions, 178 deletions
diff --git a/crypto/kerberosIV/man/rlogind.8 b/crypto/kerberosIV/man/rlogind.8
deleted file mode 100644
index bc99529..0000000
--- a/crypto/kerberosIV/man/rlogind.8
+++ /dev/null
@@ -1,178 +0,0 @@
-.\" Copyright (c) 1983, 1989, 1991, 1993
-.\" The Regents of the University of California. All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\" 3. All advertising materials mentioning features or use of this software
-.\" must display the following acknowledgement:
-.\" This product includes software developed by the University of
-.\" California, Berkeley and its contributors.
-.\" 4. Neither the name of the University nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" @(#)rlogind.8 8.1 (Berkeley) 6/4/93
-.\"
-.Dd August 25, 1996
-.Dt RLOGIND 8
-.Os BSD 4.2
-.Sh NAME
-.Nm rlogind
-.Nd remote login server
-.Sh SYNOPSIS
-.Nm rlogind
-.Op Fl ailnkvxD
-.Op Fl p Ar portnumber
-.Op Fl L Ar /bin/login
-.Sh DESCRIPTION
-.Nm Rlogind
-is the server for the
-.Xr rlogin 1
-program. The server provides a remote login facility with
-kerberos-based authentication or traditional pseudo-authentication with
-privileged port numbers from trusted hosts.
-.Pp
-Options supported by
-.Nm rlogind :
-.Bl -tag -width Ds
-.It Fl a
-No-op. For backwards compatibility. Hostnames are always verified.
-.It Fl l
-Prevent any authentication based on the user's
-.Dq Pa .rhosts
-file, unless the user is logging in as the superuser.
-.It Fl n
-Disable keep-alive messages.
-.It Fl k
-Enable kerberos authentication.
-.It Fl i
-Do not expect to be spawned by inetd and create a socket and listen on
-it yourself.
-.It Fl p portnumber
-Specifies the port number it should listen on in case the
-.It Fl i
-flag has been given.
-.It Fl v
-Vacuous, echo "Remote host requires Kerberos authentication" and exit.
-.It Fl x
-Provides an encrypted communications channel. This options requires the
-.Fl k
-flag.
-.It Fl L pathname
-Specify pathname to an alternative login program.
-.It Fl D
-Use the TCP nodelay option (see setsockopt(2)).
-.El
-.Pp
-When a service request is received,
-.Nm rlogind
-verifies the kerberos ticket supplied by the user.
-.Pp
-For non-kerberised connections, the following protocol is initiated:
-.Bl -enum
-.It
-The server checks the client's source port.
-If the port is not in the range 512-1023, the server
-aborts the connection.
-.It
-The server checks the client's source address
-and requests the corresponding host name (see
-.Xr gethostbyaddr 3 ,
-.Xr hosts 5
-and
-.Xr named 8 ) .
-If the hostname cannot be determined,
-the dot-notation representation of the host address is used.
-The addresses for the hostname are requested,
-verifying that the name and address correspond.
-Normal authentication is bypassed if the address verification fails.
-.El
-.Pp
-Once the source port and address have been checked,
-.Nm rlogind
-proceeds with the authentication process described in
-.Xr rshd 8 .
-.Pp
-It then allocates a pseudo terminal (see
-.Xr pty 4 ) ,
-and manipulates file descriptors so that the slave
-half of the pseudo terminal becomes the
-.Em stdin ,
-.Em stdout ,
-and
-.Em stderr
-for a login process.
-The login process is an instance of the
-.Xr login 1
-program, invoked with the
-.Fl f
-option if authentication has succeeded.
-If automatic authentication fails, the user is
-prompted to log in as if on a standard terminal line.
-.Pp
-The parent of the login process manipulates the master side of
-the pseudo terminal, operating as an intermediary
-between the login process and the client instance of the
-.Xr rlogin
-program. In normal operation, the packet protocol described
-in
-.Xr pty 4
-is invoked to provide
-.Ql ^S/^Q
-type facilities and propagate
-interrupt signals to the remote programs. The login process
-propagates the client terminal's baud rate and terminal type,
-as found in the environment variable,
-.Ql Ev TERM ;
-see
-.Xr environ 7 .
-The screen or window size of the terminal is requested from the client,
-and window size changes from the client are propagated to the pseudo terminal.
-.Pp
-Transport-level keepalive messages are enabled unless the
-.Fl n
-option is present.
-The use of keepalive messages allows sessions to be timed out
-if the client crashes or becomes unreachable.
-.Sh DIAGNOSTICS
-All initial diagnostic messages are indicated
-by a leading byte with a value of 1,
-after which any network connections are closed.
-If there are no errors before
-.Xr login
-is invoked, a null byte is returned as in indication of success.
-.Bl -tag -width Ds
-.It Sy Try again.
-A
-.Xr fork
-by the server failed.
-.El
-.Sh SEE ALSO
-.Xr login 1 ,
-.Xr ruserok 3 ,
-.Xr rshd 8
-.Sh BUGS
-A more extensible protocol should be used.
-.Sh HISTORY
-The
-.Nm
-command appeared in
-.Bx 4.2 .
OpenPOWER on IntegriCloud