Filewatcher File Search File Search
Catalog
Content Search
» » » » » krb5-clients_1.0.1-4_sparc.deb » Content »
pkg://krb5-clients_1.0.1-4_sparc.deb:170174/usr/share/man/man1/  info  control  downloads

krb5-clients - Secure replacements for ftp, telnet and rsh using MIT Kerberos…  more info»

krb5-rlogin.1.gz

RLOGIN(1)                                                  RLOGIN(1)



NAME
       rlogin - remote login

SYNOPSIS
       rlogin  rhost  [-ec]  [-8] [-c] [ -a] [-f] [-F] [-t termtype]
       [-n] [-7] [-PN | -PO] [-d] [-k realm] [-x] [-L] [-l username]

DESCRIPTION
       Rlogin connects your terminal on the current local host  sys‐
       tem lhost to the remote host system rhost.

       The version built to use Kerberos authentication is very sim‐
       ilar to the standard Berkeley rlogin(1), except that  instead
       of  the  rhosts mechanism, it uses Kerberos authentication to
       determine the authorization to use a remote account.

       Each user may have a private authorization  list  in  a  file
       .k5login  in  his  login  directory.   Each line in this file
       should contain a Kerberos principal name of the form  princi‐
       pal/instance@realm.  If the originating user is authenticated
       to one of the principals named in .k5login, access is granted
       to the account.  If there is no /.k5login file, the principal
       will be granted  access  to  the  account  according  to  the
       aname->lname  mapping  rules.   (See  krb5_anadd(8)  for more
       details.)  Otherwise a login and password  will  be  prompted
       for  on  the  remote  machine  as in login(1).  To avoid some
       security problems, the .k5login file must  be  owned  by  the
       remote user.

       If there is some problem in marshaling the Kerberos authenti‐
       cation information, an error message is printed and the stan‐
       dard UCB rlogin is executed in place of the Kerberos rlogin.

       A  line  of the form ``~.'' disconnects from the remote host,
       where ``~'' is the escape  character.   Similarly,  the  line
       ``~^Z''  (where ^Z, control-Z, is the suspend character) will
       suspend the rlogin session.  Substitution of the delayed-sus‐
       pend  character  (normally ^Y) for the suspend character sus‐
       pends the send portion of the rlogin, but allows output  from
       the remote system.

       The  remote  terminal type is the same as your local terminal
       type (as given in your environment TERM variable), unless the
       -t  option  is specified (see below).  The terminal or window
       size is also copied to the remote system if the  server  sup‐
       ports the option, and changes in size are reflected as well.

       All  echoing  takes place at the remote site, so that (except
       for delays) the rlogin is transparent.  Flow control  via  ^S
       and  ^Q  and  flushing  of input and output on interrupts are
       handled properly.

OPTIONS
       -8     allows an eight-bit input data path at all times; oth‐
              erwise parity bits are stripped except when the remote
              side's stop and start characters are other than ^S/^Q.
              Eight-bit mode is the default.

       -L     allows the rlogin session to be run in litout mode.

       -ec    sets  the  escape  character  to c.  There is no space
              separating this option flag and the new escape charac‐
              ter.

       -c     require confirmation before disconnecting via ``~.''

       -a     force  the  remote  machine  to  ask for a password by
              sending a null local username.   This  option  has  no
              effect  unless  the standard UCB rlogin is executed in
              place of the Kerberos rlogin (see above).

       -f     forward a copy of the local credentials to the  remote
              system.

       -F     forward a forwardable copy of the local credentials to
              the remote system.

       -t termtype
              replace the terminal type passed to  the  remote  host
              with termtype.

       -n     prevent suspension of rlogin via ``~^Z'' or ``~^Y''.

       -7     force seven-bit transmissions.

       -d     turn  on  socket  debugging (via setsockopt(2)) on the
              TCP sockets used for  communication  with  the  remote
              host.

       -k     request  rlogin  to obtain tickets for the remote host
              in realm realm instead of the remote host's  realm  as
              determined by krb_realmofhost(3).

       -x     turn  on DES encryption for data passed via the rlogin
              session.   This  applies  only  to  input  and  output
              streams,  so  the  username is sent unencrypted.  This
              significantly reduces response time and  significantly
              increases CPU utilization.

       -PN

       -PO    Explicitly  request new or old version of the Kerberos
              ``rcmd'' protocol.  The new protocol avoids many secu‐
              rity  problems found in the old one, but is not inter‐
              operable with older servers.  (An "input/output error"
              and  a  closed connection is the most likely result of
              attempting this combination.)  If  neither  option  is
              specified,  some  simple  heuristics are used to guess
              which to try.

SEE ALSO
       rsh(1),  kerberos(1),  krb_sendauth(3),   krb_realmofhost(3),
       rlogin(1) [UCB version], klogind(8)

FILES
       ~/.k5login  (on remote host) - file containing Kerberos prin‐
                   cipals that are allowed access.

BUGS
       More of the environment should be propagated.



                                                           RLOGIN(1)
Results 1 - 1 of 1
Help - FTP Sites List - Software Dir.
Search over 15 billion files
© 1997-2017 FileWatcher.com