svcadm(8)을 검색하려면 섹션에서 8 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
rlogin(1)
rlogin(1) User Commands rlogin(1)
NAME
rlogin - remote login
SYNOPSIS
rlogin [-8EL] [-ec ] [-A] [-K] [-x] [-PN | -PO] [-f | -F] [-a]
[-l username] [-k realm] hostname
DESCRIPTION
The rlogin utility establishes a remote login session from your termi‐
nal to the remote machine named hostname. The user can choose to ker‐
berize the rlogin session using Kerberos V5 and also protect the data
being transferred.
Hostnames are listed in the hosts database, which can be contained in
the /etc/hosts file, the Network Information Service (NIS) hosts map,
the Internet domain name server, or a combination of these. Each host
has one official name (the first name in the database entry), and
optionally one or more nicknames. Either official hostnames or nick‐
names can be specified in hostname.
The user can opt for a secure rlogin session which uses Kerberos V5 for
authentication. Encryption of the session data is also possible. The
rlogin session can be kerberized using any of the following Kerberos
specific options: -A, -PN or -PO, -x, -f or -F, and -k realm. Some of
these options (-A, -x, -PN or -PO, and -f or -F) can also be specified
in the [appdefaults] section of krb5.conf. The usage of these options
and the expected behavior is discussed in the OPTIONS section below. If
Kerberos authentication is used, authorization to the account is con‐
trolled through rules in krb5_auth_rules. If this authorization fails,
fallback to normal rlogin using rhosts occurs only if the -PO option is
used explicitly on the command line or is specified in krb5.conf. Also
notice that the -PN or -PO, -x, -f or -F, and -k realm options are
just supersets of the -A option.
The remote terminal type is the same as your local terminal type, as
given in your environment TERM variable. The terminal or window size is
also copied to the remote system if the server supports the option.
Changes in size are reflected as well. All echoing takes place at the
remote site, so that (except for delays) the remote login is transpar‐
ent. Flow control using Control-S and Control-Q and flushing of input
and output on interrupts are handled properly.
OPTIONS
The following options are supported:
-8 Passes eight-bit data across the net instead of seven-
bit data.
-a Forces the remote machine to ask for a password by send‐
ing a null local username.
-ec Specifies a different escape character, c, for the line
used to disconnect from the remote host.
-E Stops any character from being recognized as an escape
character.
-l username Specifies a different username for the remote login. If
you do not use this option, the remote username used is
the same as your local username.
-L Allows the rlogin session to be run in "litout" mode.
Escape Sequences
Lines that you type which start with the tilde character (~) are
"escape sequences." The escape character can be changed using the -e
option.
~. Disconnects from the remote host. This is not the same as a
logout, because the local host breaks the connection with no
warning to the remote end.
~susp Suspends the login session, but only if you are using a shell
with Job Control. susp is your "suspend" character, usually
Control-Z. See tty(1).
~dsusp Suspends the input half of the login, but output is still
able to be seen (only if you are using a shell with Job Con‐
trol). dsusp is your "deferred suspend" character, usually
Control-Y. See tty(1).
OPERANDS
hostname The remote machine on which rlogin establishes the remote
login session.
USAGE
For the kerberized rlogin session, each user can have a private autho‐
rization list in a file, .k5login, in their home directory. Each line
in this file should contain a Kerberos principal name of the form prin‐
cipal/instance@realm. If there is a ~/.k5login file, access is granted
to the account if and only if the originating user is authenticated to
one of the principals named in the ~/.k5login file. Otherwise, the
originating user is granted access to the account if and only if the
authenticated principal name of the user can be mapped to the local
account name using the authenticated-principal-name → local-user-name
mapping rules. The .k5login file (for access control) comes into play
only when Kerberos authentication is being done.
For the non-secure rlogin session, each remote machine can have a file
named /etc/hosts.equiv containing a list of trusted host names with
which it shares user names. Users with the same user name on both the
local and remote machine can rlogin from the machines listed in the
remote machine's /etc/hosts.equiv file without supplying a password.
Individual users can set up a similar private equivalence list with the
file .rhosts in their home directories. Each line in this file contains
two names, that is, a host name and a user name, separated by a space.
An entry in a remote user's .rhosts file permits the user named user‐
name who is logged into hostname to log in to the remote machine as the
remote user without supplying a password. If the name of the local host
is not found in the /etc/hosts.equiv file on the remote machine, and
the local user name and host name are not found in the remote user's
.rhosts file, then the remote machine prompts for a password. Host
names listed in the /etc/hosts.equiv and .rhosts files must be the
official host names listed in the hosts database. Nicknames can not be
used in either of these files.
For security reasons, the .rhosts file must be owned by either the
remote user or by root.
FILES
/etc/passwd Contains information about users' accounts.
/usr/hosts/* For hostname version of the command.
/etc/hosts.equiv List of trusted hostnames with shared user
names.
/etc/nologin Message displayed to users attempting to login
during machine shutdown.
$HOME/.rhosts Private list of trusted hostname/username combi‐
nations.
$HOME/.k5login File containing Kerberos principals that are
allowed access.
/etc/krb5/krb5.conf Kerberos configuration file.
/etc/hosts Hosts database.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Availabilitynetwork/legacy-remote-utilities _ Interface
StabilityObsolete
SEE ALSO
rsh(1), stty(1), tty(1), hosts(5), hosts.equiv(5), nologin(5),
attributes(7), in.rlogind(8)
DIAGNOSTICS
The following message indicates that the machine is in the process of
being shutdown and logins have been disabled:
NO LOGINS: System going down in N minutes
NOTES
When a system is listed in hosts.equiv, its security must be as good as
local security. One insecure system listed in hosts.equiv can compro‐
mise the security of the entire system.
The Network Information Service (NIS) was formerly known as Sun Yellow
Pages (YP.) The functionality of the two remains the same. Only the
name has changed.
This implementation can only use the TCP network service.
This technology may be removed in a future release of Oracle Solaris.
Oracle Solaris 11.4 15 Apr 2019 rlogin(1)