pty Sdiff usr/src/man/man1m/in.rlogind.1m

Print this page

14249 pseudo-terminal nomenclature should reflect POSIX
Change-Id: Ib4a3cef899ff4c71b09cb0dc6878863c5e8357bc

   1 '\" te
   2 .\" Copyright 1989 AT&T
   3 .\" Copyright (C) 2005, Sun Microsystems, Inc. All Rights Reserved
   4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   5 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   6 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   7 .TH IN.RLOGIND 1M "June 20, 2021"
   8 .SH NAME
   9 in.rlogind, rlogind \- remote login server
  10 .SH SYNOPSIS
  11 .nf
  12 \fB/usr/sbin/in.rlogind\fR [\fB-k5eExXciPp\fR] [\fB-s\fR \fItos\fR] [\fB-S\fR \fIkeytab\fR]
  13      [\fB-M\fR \fIrealm\fR]
  14 .fi
  15 
  16 .SH DESCRIPTION
  17 \fBin.rlogind\fR is the server for the \fBrlogin\fR(1) program.  The server
  18 provides a remote login facility with authentication based on Kerberos V5 or
  19 privileged port numbers.
  20 .sp
  21 .LP
  22 \fBin.rlogind\fR is invoked by \fBinetd\fR(1M) when a remote login connection
  23 is established. When Kerberos V5 authentication is required (see option
  24 \fB-k\fR below), the authentication sequence is as follows:
  25 .RS +4
  26 .TP
  27 .ie t \(bu

  65 .ie t \(bu
  66 .el o
  67 The server checks the client's source port. If the port is not in the range
  68 512-1023, the server aborts the connection.
  69 .RE
  70 .RS +4
  71 .TP
  72 .ie t \(bu
  73 .el o
  74 The server checks the client's source address. If an entry for the client
  75 exists in both \fB/etc/hosts\fR and \fB/etc/hosts.equiv\fR, a user logging in
  76 from the client is not prompted for a password. If the address is associated
  77 with a host for which no corresponding entry exists in \fB/etc/hosts\fR, the
  78 user is prompted for a password, regardless of  whether or not an entry for the
  79 client is present in  \fB/etc/hosts.equiv\fR. See \fBhosts\fR(4) and
  80 \fBhosts.equiv\fR(4).
  81 .RE
  82 .sp
  83 .LP
  84 Once the source port and address have been checked, \fBin.rlogind\fR allocates
  85 a pseudo-terminal and manipulates file descriptors so that the slave half of
  86 the pseudo-terminal becomes the \fBstdin\fR, \fBstdout\fR, and \fBstderr\fR for
  87 a login process. The login process is an instance of the \fBlogin\fR(1)
  88 program, invoked with the \fB-r\fR.
  89 .sp
  90 .LP
  91 The login process then proceeds with the \fBpam\fR(3PAM) authentication
  92 process. See \fBSECURITY\fR below.  If automatic authentication fails, it
  93 reprompts the user to login.
  94 .sp
  95 .LP
  96 The parent of the login process manipulates the master side of the
  97 pseudo-terminal, operating as an intermediary between the login process and the
  98 client instance of the \fBrlogin\fR program.  In normal operation, a packet
  99 protocol is invoked to provide Ctrl-S and Ctrl-Q type facilities and propagate
 100 interrupt signals to the remote programs. The login process propagates the
 101 client terminal's baud rate and terminal type, as found in the environment
 102 variable, \fBTERM\fR.
 103 .SH OPTIONS
 104 The following options are supported:
 105 .sp
 106 .ne 2
 107 .na
 108 \fB\fB-5\fR\fR
 109 .ad
 110 .RS 13n
 111 Same as \fB-k\fR, for backwards compatibility.
 112 .RE
 113 
 114 .sp
 115 .ne 2
 116 .na

   1 '\" te
   2 .\" Copyright 1989 AT&T
   3 .\" Copyright (C) 2005, Sun Microsystems, Inc. All Rights Reserved
   4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License").  You may not use this file except in compliance with the License.
   5 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.  See the License for the specific language governing permissions and limitations under the License.
   6 .\" When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE.  If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   7 .TH IN.RLOGIND 1M "February 5, 2022"
   8 .SH NAME
   9 in.rlogind, rlogind \- remote login server
  10 .SH SYNOPSIS
  11 .nf
  12 \fB/usr/sbin/in.rlogind\fR [\fB-k5eExXciPp\fR] [\fB-s\fR \fItos\fR] [\fB-S\fR \fIkeytab\fR]
  13      [\fB-M\fR \fIrealm\fR]
  14 .fi
  15 
  16 .SH DESCRIPTION
  17 \fBin.rlogind\fR is the server for the \fBrlogin\fR(1) program.  The server
  18 provides a remote login facility with authentication based on Kerberos V5 or
  19 privileged port numbers.
  20 .sp
  21 .LP
  22 \fBin.rlogind\fR is invoked by \fBinetd\fR(1M) when a remote login connection
  23 is established. When Kerberos V5 authentication is required (see option
  24 \fB-k\fR below), the authentication sequence is as follows:
  25 .RS +4
  26 .TP
  27 .ie t \(bu

  65 .ie t \(bu
  66 .el o
  67 The server checks the client's source port. If the port is not in the range
  68 512-1023, the server aborts the connection.
  69 .RE
  70 .RS +4
  71 .TP
  72 .ie t \(bu
  73 .el o
  74 The server checks the client's source address. If an entry for the client
  75 exists in both \fB/etc/hosts\fR and \fB/etc/hosts.equiv\fR, a user logging in
  76 from the client is not prompted for a password. If the address is associated
  77 with a host for which no corresponding entry exists in \fB/etc/hosts\fR, the
  78 user is prompted for a password, regardless of  whether or not an entry for the
  79 client is present in  \fB/etc/hosts.equiv\fR. See \fBhosts\fR(4) and
  80 \fBhosts.equiv\fR(4).
  81 .RE
  82 .sp
  83 .LP
  84 Once the source port and address have been checked, \fBin.rlogind\fR allocates
  85 a pseudo-terminal and manipulates file descriptors so that the subsidiary half
  86 of the pseudo-terminal becomes the \fBstdin\fR, \fBstdout\fR, and \fBstderr\fR
  87 for a login process.  The login process is an instance of the \fBlogin\fR(1)
  88 program, invoked with the \fB-r\fR.
  89 .sp
  90 .LP
  91 The login process then proceeds with the \fBpam\fR(3PAM) authentication
  92 process. See \fBSECURITY\fR below.  If automatic authentication fails, it
  93 reprompts the user to login.
  94 .sp
  95 .LP
  96 The parent of the login process manipulates the manager side of the
  97 pseudo-terminal, operating as an intermediary between the login process and the
  98 client instance of the \fBrlogin\fR program.  In normal operation, a packet
  99 protocol is invoked to provide Ctrl-S and Ctrl-Q type facilities and propagate
 100 interrupt signals to the remote programs. The login process propagates the
 101 client terminal's baud rate and terminal type, as found in the environment
 102 variable, \fBTERM\fR.
 103 .SH OPTIONS
 104 The following options are supported:
 105 .sp
 106 .ne 2
 107 .na
 108 \fB\fB-5\fR\fR
 109 .ad
 110 .RS 13n
 111 Same as \fB-k\fR, for backwards compatibility.
 112 .RE
 113 
 114 .sp
 115 .ne 2
 116 .na