rlogin(1) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

rlogin(1)

rlogin(1)                        User Commands                       rlogin(1)



NAME
       rlogin - remote login

SYNOPSIS
       rlogin [-8EL] [-ec ] [-A] [-K] [-x] [-PN | -PO] [-f | -F] [-a]
            [-l username] [-k realm] hostname

DESCRIPTION
       The  rlogin utility establishes a remote login session from your termi‐
       nal to the remote machine named hostname. The user can choose  to  ker‐
       berize  the  rlogin session using Kerberos V5 and also protect the data
       being transferred.


       Hostnames are listed in the hosts database, which can be  contained  in
       the  /etc/hosts  file, the Network Information Service (NIS) hosts map,
       the Internet domain name server, or a combination of these.  Each  host
       has  one  official  name  (the  first  name in the database entry), and
       optionally one or more nicknames. Either official  hostnames  or  nick‐
       names can be specified in hostname.


       The user can opt for a secure rlogin session which uses Kerberos V5 for
       authentication. Encryption of the session data is  also  possible.  The
       rlogin  session  can  be kerberized using any of the following Kerberos
       specific options: -A, -PN or -PO, -x, -f or -F, and -k  realm. Some  of
       these  options (-A, -x, -PN or -PO, and -f or -F) can also be specified
       in the [appdefaults] section of krb5.conf. The usage of  these  options
       and the expected behavior is discussed in the OPTIONS section below. If
       Kerberos authentication is used, authorization to the account  is  con‐
       trolled  through rules in krb5_auth_rules. If this authorization fails,
       fallback to normal rlogin using rhosts occurs only if the -PO option is
       used  explicitly on the command line or is specified in krb5.conf. Also
       notice that the -PN or -PO, -x, -f or -F, and  -k   realm  options  are
       just supersets of the -A option.


       The  remote  terminal  type is the same as your local terminal type, as
       given in your environment TERM variable. The terminal or window size is
       also  copied  to  the  remote system if the server supports the option.
       Changes in size are reflected as well. All echoing takes place  at  the
       remote  site, so that (except for delays) the remote login is transpar‐
       ent. Flow control using Control-S and Control-Q and flushing  of  input
       and output on interrupts are handled properly.

OPTIONS
       The following options are supported:

       -8             Passes  eight-bit  data across the net instead of seven-
                      bit data.


       -a             Forces the remote machine to ask for a password by send‐
                      ing a null local username.


       -ec            Specifies  a different escape character, c, for the line
                      used to disconnect from the remote host.


       -E             Stops any character from being recognized as  an  escape
                      character.


       -l username    Specifies  a different username for the remote login. If
                      you do not use this option, the remote username used  is
                      the same as your local username.


       -L             Allows the rlogin session to be run in "litout" mode.


   Escape Sequences
       Lines  that  you  type  which  start  with  the tilde character (~) are
       "escape sequences." The escape character can be changed  using  the  -e
       option.

       ~.        Disconnects  from  the remote host. This is not the same as a
                 logout, because the local host breaks the connection with  no
                 warning to the remote end.


       ~susp     Suspends the login session, but only if you are using a shell
                 with Job Control. susp is your "suspend"  character,  usually
                 Control-Z. See tty(1).


       ~dsusp    Suspends  the  input  half  of the login, but output is still
                 able to be seen (only if you are using a shell with Job  Con‐
                 trol).  dsusp  is  your "deferred suspend" character, usually
                 Control-Y. See tty(1).


OPERANDS
       hostname    The remote machine on which rlogin establishes  the  remote
                   login session.


USAGE
       For  the kerberized rlogin session, each user can have a private autho‐
       rization list in a file, .k5login, in their home directory.  Each  line
       in this file should contain a Kerberos principal name of the form prin‐
       cipal/instance@realm. If there is a ~/.k5login file, access is  granted
       to  the account if and only if the originating user is authenticated to
       one of the principals named in  the  ~/.k5login  file.  Otherwise,  the
       originating  user  is  granted access to the account if and only if the
       authenticated principal name of the user can be  mapped  to  the  local
       account  name  using the authenticated-principal-name → local-user-name
       mapping rules. The .k5login file (for access control) comes  into  play
       only when Kerberos authentication is being done.


       For  the non-secure rlogin session, each remote machine can have a file
       named /etc/hosts.equiv containing a list of  trusted  host  names  with
       which  it  shares user names. Users with the same user name on both the
       local and remote machine can rlogin from the  machines  listed  in  the
       remote  machine's  /etc/hosts.equiv  file without supplying a password.
       Individual users can set up a similar private equivalence list with the
       file .rhosts in their home directories. Each line in this file contains
       two names, that is, a host name and a user name, separated by a  space.
       An  entry  in a remote user's .rhosts file permits the user named user‐
       name who is logged into hostname to log in to the remote machine as the
       remote user without supplying a password. If the name of the local host
       is not found in the /etc/hosts.equiv file on the  remote  machine,  and
       the  local  user  name and host name are not found in the remote user's
       .rhosts file, then the remote machine  prompts  for  a  password.  Host
       names  listed  in  the  /etc/hosts.equiv  and .rhosts files must be the
       official host names listed in the hosts database. Nicknames can not  be
       used in either of these files.


       For  security  reasons,  the  .rhosts  file must be owned by either the
       remote user or by root.

FILES
       /etc/passwd            Contains information about users' accounts.


       /usr/hosts/*           For hostname version of the command.


       /etc/hosts.equiv       List  of  trusted  hostnames  with  shared  user
                              names.


       /etc/nologin           Message  displayed  to users attempting to login
                              during machine shutdown.


       $HOME/.rhosts          Private list of trusted hostname/username combi‐
                              nations.


       $HOME/.k5login         File  containing  Kerberos  principals  that are
                              allowed access.


       /etc/krb5/krb5.conf    Kerberos configuration file.


       /etc/hosts             Hosts database.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE  TYPEAT‐
       TRIBUTE VALUE _ Availabilitynetwork/legacy-remote-utilities _ Interface
       StabilityObsolete


SEE ALSO
       rsh(1),  stty(1),   tty(1),   hosts(5),   hosts.equiv(5),   nologin(5),
       attributes(7), in.rlogind(8)

DIAGNOSTICS
       The  following  message indicates that the machine is in the process of
       being shutdown and logins have been disabled:

         NO LOGINS: System going down in N minutes


NOTES
       When a system is listed in hosts.equiv, its security must be as good as
       local  security.  One insecure system listed in hosts.equiv can compro‐
       mise the security of the entire system.


       The Network Information Service (NIS) was formerly known as Sun  Yellow
       Pages  (YP.)  The  functionality  of the two remains the same. Only the
       name has changed.


       This implementation can only use the TCP network service.


       This technology may be removed in a future release of Oracle Solaris.



Oracle Solaris 11.4               15 Apr 2019                        rlogin(1)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3