Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
RLOGIN(1)		    General Commands Manual		     RLOGIN(1)

       rlogin -	remote login

       rlogin  rhost  [-ec]  [-8] [-c] [ -a] [-f] [-F] [-t termtype] [-n] [-7]
       [-PN | -PO] [-d]	[-k realm] [-x]	[-L] [-l username]

       Rlogin connects your terminal on	the current local host system lhost to
       the remote host system rhost.

       The version built to use	Kerberos authentication	is very	similar	to the
       standard	Berkeley rlogin(1), except that	instead	of the	rhosts	mecha-
       nism, it	uses Kerberos authentication to	determine the authorization to
       use a remote account.

       Each user may have a private authorization list in a file  .k5login  in
       his  login directory.  Each line	in this	file should contain a Kerberos
       principal name of the form principal/instance@realm.  If	the  originat-
       ing  user  is authenticated to one of the principals named in .k5login,
       access is granted to the	account.  If there is no /.k5login  file,  the
       principal  will	be  granted  access  to	 the  account according	to the
       aname->lname mapping rules.   (See  krb5_anadd(8)  for  more  details.)
       Otherwise  a  login and password	will be	prompted for on	the remote ma-
       chine as	in login(1).  To avoid some security  problems,	 the  .k5login
       file must be owned by the remote	user.

       If  there is some problem in marshaling the Kerberos authentication in-
       formation, an error message is printed and the standard UCB  rlogin  is
       executed	in place of the	Kerberos rlogin.

       A line of the form ``~.'' disconnects from the remote host, where ``~''
       is the escape character.	 Similarly, the	line ``~^Z'' (where  ^Z,  con-
       trol-Z,	is  the	 suspend  character)  will suspend the rlogin session.
       Substitution of the delayed-suspend character  (normally	 ^Y)  for  the
       suspend	character  suspends the	send portion of	the rlogin, but	allows
       output from the remote system.

       The remote terminal type	is the same as your local  terminal  type  (as
       given in	your environment TERM variable), unless	the -t option is spec-
       ified (see below).  The terminal	or window size is also copied  to  the
       remote  system  if  the server supports the option, and changes in size
       are reflected as	well.

       All echoing takes place at the remote site, so that (except for delays)
       the  rlogin is transparent.  Flow control via ^S	and ^Q and flushing of
       input and output	on interrupts are handled properly.

       -8     allows an	eight-bit input	data path at all times;	otherwise par-
	      ity  bits	 are  stripped	except when the	remote side's stop and
	      start characters are other than ^S/^Q.  Eight-bit	 mode  is  the

       -L     allows the rlogin	session	to be run in litout mode.

       -ec    sets  the	 escape	 character to c.  There	is no space separating
	      this option flag and the new escape character.

       -c     require confirmation before disconnecting	via ``~.''

       -a     force the	remote machine to ask for a password by	sending	a null
	      local  username.	 This option has no effect unless the standard
	      UCB rlogin is executed in	place  of  the	Kerberos  rlogin  (see

       -f     forward a	copy of	the local credentials to the remote system.

       -F     forward  a  forwardable copy of the local	credentials to the re-
	      mote system.

       -t termtype
	      replace the  terminal  type  passed  to  the  remote  host  with

       -n     prevent suspension of rlogin via ``~^Z'' or ``~^Y''.

       -7     force seven-bit transmissions.

       -d     turn  on socket debugging	(via setsockopt(2)) on the TCP sockets
	      used for communication with the remote host.

       -k     request rlogin to	obtain tickets for the remote  host  in	 realm
	      realm  instead  of  the  remote  host's  realm  as determined by

       -x     turn on DES encryption for all data passed via the  rlogin  ses-
	      sion.   This  significantly  reduces  response time and signifi-
	      cantly increases CPU utilization.


       -PO    Explicitly request new or	old version of the  Kerberos  ``rcmd''
	      protocol.	  The new protocol avoids many security	problems found
	      in the old one, but is not  interoperable	 with  older  servers.
	      (An  "input/output  error"  and  a closed	connection is the most
	      likely result of attempting this combination.)  If  neither  op-
	      tion  is	specified,  some  simple  heuristics are used to guess
	      which to try.

       rsh(1),	kerberos(3),  krb_sendauth(3),	krb_realmofhost(3),  rlogin(1)
       [UCB version]

       ~/.k5login  (on remote host) - file containing Kerberos principals that
		   are allowed access.

       More of the environment should be propagated.



Want to link to this manual page? Use this URL:

home | help