.\" Copyright (c) 1983, 1989, 1991 The Regents of the University of California.
.\" All rights reserved.
.\"
.\" %sccs.include.redist.man%
.\"
.\"	@(#)rshd.8	6.11 (Berkeley) 04/20/91
.\"
.Dd
.Dt RSHD 8
.Os BSD 4.2
.Sh NAME
.Nm rshd
.Nd remote shell server
.Sh SYNOPSIS
.Nm rshd
.Op Fl aln
.Sh DESCRIPTION
The
.Nm rshd
server
is the server for the
.Xr rcmd 3
routine and, consequently, for the
.Xr rsh 1
program.
The server provides remote execution facilities
with authentication based on privileged port numbers from trusted hosts.
.Pp
The
.Nm rshd
server
listens for service requests at the port indicated in
the ``cmd'' service specification; see
.Xr services 5 .
When a service request is received the following protocol
is initiated:
.Bl -enum
.It
The server checks the client's source port.
If the port is not in the range 512-1023, the server
aborts the connection.
.It
The server reads characters from the socket up
to a null (`\e0') byte.
The resultant string is interpreted as an
.Tn ASCII
number, base 10.
.It
If the number received in step 2 is non-zero,
it is interpreted as the port number of a secondary
stream to be used for the
.Em stderr .
A second connection is then created to the specified
port on the client's machine.
The source port of this
second connection is also in the range 512-1023.
.It
The server checks the client's source address
and requests the corresponding host name (see
.Xr gethostbyaddr 3 ,
.Xr hosts 5
and
.Xr named 8 ) .
If the hostname cannot be determined,
the dot-notation representation of the host address is used.
If the hostname is in the same domain as the server (according to
the last two components of the domain name),
or if the
.Fl a
option is given,
the addresses for the hostname are requested,
verifying that the name and address correspond.
If address verification fails, the connection is aborted
with the message, ``Host address mismatch.''
.It
A null terminated user name of at most 16 characters
is retrieved on the initial socket.
This user name is interpreted as the user identity on the
.Em client Ns 's
machine.
.It
A null terminated user name of at most 16 characters
is retrieved on the initial socket.
This user name is interpreted as a user identity to use on the
.Em server Ns 's
machine.
.It
A null terminated command to be passed to a
shell is retrieved on the initial socket.
The length of the command is limited by the upper bound on the size of
the system's argument list.
.It
.Nm Rshd
then validates the user using
.Xr ruserok 3 ,
which uses the file
.Pa /etc/hosts.equiv
and the
.Pa .rhosts
file found in the user's home directory.
The
.Fl l
option prevents
.Xr ruserok 3
from doing any validation based on the user's ``.rhosts'' file,
unless the user is the superuser.
.It
A null byte is returned on the initial socket
and the command line is passed to the normal login
shell of the user.
The shell inherits the network connections established
by
.Nm rshd .
.El
.Pp
Transport-level keepalive messages are enabled unless the
.Fl n
option is present.
The use of keepalive messages allows sessions to be timed out
if the client crashes or becomes unreachable.
.Sh DIAGNOSTICS
Except for the last one listed below,
all diagnostic messages
are returned on the initial socket,
after which any network connections are closed.
An error is indicated by a leading byte with a value of
1 (0 is returned in step 9 above upon successful completion
of all the steps prior to the execution of the login shell).
.Bl -tag -width indent
.It Sy Locuser too long.
The name of the user on the client's machine is
longer than 16 characters.
.It Sy Ruser too long.
The name of the user on the remote machine is
longer than 16 characters.
.It Sy Command too long.
The command line passed exceeds the size of the argument
list (as configured into the system).
.It Sy Login incorrect.
No password file entry for the user name existed.
.It Sy Remote directory.
The
.Xr chdir 2
call to the home directory failed.
.It Sy Permission denied.
The authentication procedure described above failed.
.It Sy Can't make pipe.
The pipe needed for the
.Em stderr
wasn't created.
.It Sy Can't fork; try again.
A
.Xr fork 2
by the server failed.
.It Sy <shellname>: ...
The user's login shell could not be started.
This message is returned
on the connection associated with the
.Em stderr ,
and is not preceded by a flag byte.
.El
.Sh SEE ALSO
.Xr rsh 1 ,
.Xr rcmd 3 ,
.Xr ruserok 3
.Sh BUGS
The authentication procedure used here assumes the integrity
of each client machine and the connecting medium.
This is insecure, but is useful in an ``open'' environment.
.Pp
A facility to allow all data exchanges to be encrypted should be
present.
.Pp
A more extensible protocol (such as Telnet) should be used.
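The nine-step protocol in DESCRIPTION and the flag-byte convention in DIAGNOSTICS, modelled in Python as an added example. This is not the BSD rshd source and not the real ruserok(3): it is a stand-alone re-implementation that reads the client's initial-socket stream from a byte string, applies the source-port, length, password-file and hosts.equiv/.rhosts checks in the order the page lists them, and returns what the server would write back. Assumptions, all marked in the code: the ARG_MAX constant stands in for the system's argument-list bound; a trailing newline after each diagnostic; a simplified hosts.equiv/.rhosts line format ("host" or "host user"); and the file contents, password entries and requests, which are constructed. Step 3 (connecting back to the stderr port) and step 4 (the reverse/forward name check) need a network and are only noted in comments.

```python
# Added example, not the BSD rshd source: a model of the request handling
# described in the rshd(8) DESCRIPTION and DIAGNOSTICS sections, operating
# on a byte string instead of a socket.  Files and requests are constructed.

PRIV_PORTS = range(512, 1024)   # 512-1023: the privileged source-port range
MAX_USER_LEN = 16               # locuser / ruser limit stated in the man page
ARG_MAX = 4096                  # assumed stand-in for the system's argument-list bound


class RshError(Exception):
    """A diagnostic rshd returns on the initial socket after a 0x01 byte."""


def _read_cstring(buf, pos):
    """Return the bytes from pos up to the next NUL, and the position after it."""
    end = buf.index(b"\0", pos)
    return buf[pos:end], end + 1


def parse_request(buf):
    """Parse the initial-socket stream: stderr port, locuser, ruser, command.

    Raises RshError carrying the man page's diagnostic text on a length violation.
    """
    port_str, pos = _read_cstring(buf, 0)
    stderr_port = int(port_str.decode("ascii") or "0", 10)   # step 2: ASCII, base 10
    # Step 3 (connect back to stderr_port from a 512-1023 source port) needs a
    # network and is not modelled here.
    locuser, pos = _read_cstring(buf, pos)                    # step 5
    if len(locuser) > MAX_USER_LEN:
        raise RshError("Locuser too long.")
    ruser, pos = _read_cstring(buf, pos)                      # step 6
    if len(ruser) > MAX_USER_LEN:
        raise RshError("Ruser too long.")
    command, pos = _read_cstring(buf, pos)                    # step 7
    if len(command) >= ARG_MAX:
        raise RshError("Command too long.")
    return stderr_port, locuser.decode(), ruser.decode(), command.decode()


def ruserok(client_host, ruser, locuser, hosts_equiv, rhosts, no_rhosts=False):
    """Simplified model of ruserok(3) over /etc/hosts.equiv and ~ruser/.rhosts.

    Assumed line format: "host" trusts client_host when the remote and local
    user names match; "host user" trusts that remote user.  With -l (no_rhosts)
    the .rhosts file is ignored unless the target user is the superuser.
    """
    def permits(lines):
        for line in lines:
            fields = line.split()
            if not fields or fields[0] != client_host:
                continue
            if len(fields) == 1 and locuser == ruser:
                return True
            if len(fields) > 1 and fields[1] == locuser:
                return True
        return False

    if permits(hosts_equiv):
        return True
    if no_rhosts and ruser != "root":
        return False
    return permits(rhosts.get(ruser, []))


def handle_request(client_port, client_host, buf, hosts_equiv, rhosts, passwd,
                   no_rhosts=False):
    """Return what rshd writes back on the initial socket.

    None models the silent abort of step 1; a single NUL byte is the success
    byte of step 9; otherwise 0x01 followed by the diagnostic text (the
    trailing newline is an assumption).  client_host is taken as already
    resolved and verified (step 4 is not modelled).
    """
    if client_port not in PRIV_PORTS:                 # step 1
        return None
    try:
        _stderr_port, locuser, ruser, _command = parse_request(buf)
        if ruser not in passwd:                       # no password file entry
            raise RshError("Login incorrect.")
        if not ruserok(client_host, ruser, locuser, hosts_equiv, rhosts, no_rhosts):
            raise RshError("Permission denied.")      # step 8
    except RshError as err:
        return b"\x01" + str(err).encode() + b"\n"
    return b"\0"                                      # step 9: the login shell would run


# Constructed sample configuration and request.
HOSTS_EQUIV = ["trusted.example.com"]
RHOSTS = {"alice": ["dev.example.com bob"], "root": ["admin.example.com"]}
PASSWD = {"alice", "root"}
REQ = b"1022\0bob\0alice\0ls -l\0"   # stderr port, locuser, ruser, command

if __name__ == "__main__":
    print(handle_request(1021, "dev.example.com", REQ, HOSTS_EQUIV, RHOSTS, PASSWD))
    print(handle_request(1021, "dev.example.com", REQ, HOSTS_EQUIV, RHOSTS, PASSWD,
                         no_rhosts=True))
    print(handle_request(40000, "dev.example.com", REQ, HOSTS_EQUIV, RHOSTS, PASSWD))
```

Run as a script, the three calls show a successful request (NUL byte), the same request refused under -l because alice's .rhosts is no longer consulted, and an unprivileged source port, which the server drops without answering. Everything the model accepts rests on the client host's kernel having restricted ports 512-1023 to root and on the resolved host name being honest, which is exactly the trust the BUGS section calls insecure.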