rlogin - remote login
SYNOPSIS
rlogin rhost [-ec] [-8] [-c] [ -a] [-f] [-F] [-t termtype]
[-n] [-7] [-d] [-k realm] [-x] [-L] [-l username]
DESCRIPTION
Rlogin connects your terminal on the current local host
system lhost to the remote host system rhost.
The version built to use Kerberos authentication is very
similar to the standard Berkeley rlogin(1), except that
instead of the rhosts mechanism, it uses Kerberos authen-
tication to determine the authorization to use a remote
account.
Each user may have a private authorization list in a file
.k5login in his login directory. Each line in this file
should contain a Kerberos principal name of the form prin-
cipal/instance@realm. If the originating user is authen-
ticated to one of the principals named in .k5login, access
is granted to the account. If there is no /.k5login file,
the principal will be granted access to the account
according to the aname->lname mapping rules. (See
krb5_anadd(8) for more details.) Otherwise a login and
password will be prompted for on the remote machine as in
login(1). To avoid some security problems, the .k5login
file must be owned by the remote user.
If there is some problem in marshaling the Kerberos
authentication information, an error message is printed
and the standard UCB rlogin is executed in place of the
Kerberos rlogin.
A line of the form ``~.'' disconnects from the remote
host, where ``~'' is the escape character. Similarly, the
line ``~^Z'' (where ^Z, control-Z, is the suspend charac-
ter) will suspend the rlogin session. Substitution of the
delayed-suspend character (normally ^Y) for the suspend
character suspends the send portion of the rlogin, but
allows output from the remote system.
The remote terminal type is the same as your local termi-
nal type (as given in your environment TERM variable),
unless the -t option is specified (see below). The termi-
nal or window size is also copied to the remote system if
the server supports the option, and changes in size are
reflected as well.
All echoing takes place at the remote site, so that
(except for delays) the rlogin is transparent. Flow con-
OPTIONS
-8 allows an eight-bit input data path at all times;
otherwise parity bits are stripped except when the
remote side's stop and start characters are other
than ^S/^Q. Eight-bit mode is the default.
-L allows the rlogin session to be run in litout mode.
-ec sets the escape character to c. There is no space
separating this option flag and the new escape
character.
-c require confirmation before disconnecting via
``~.''
-a force the remote machine to ask for a password by
sending a null local username. This option has no
effect unless the standard UCB rlogin is executed
in place of the Kerberos rlogin (see above).
-f forward a copy of the local credentials to the
remote system.
-F forward a forwardable copy of the local credentials
to the remote system.
-t termtype
replace the terminal type passed to the remote host
with termtype.
-n prevent suspension of rlogin via ``~^Z'' or
``~^Y''.
-7 force seven-bit transmissions.
-d turn on socket debugging (via setsockopt(2)) on the
TCP sockets used for communication with the remote
host.
-k request rlogin to obtain tickets for the remote
host in realm realm instead of the remote host's
realm as determined by krb_realmofhost(3).
-x turn on DES encryption for all data passed via the
rlogin session. This significantly reduces
response time and significantly increases CPU uti-
lization.
SEE ALSO
rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3),
rlogin(1) [UCB version]
~/.k5login (on remote host) - file containing Kerberos
principals that are allowed access.
BUGS
More of the environment should be propagated.
|
All Rights Reserved.