.\" $NetBSD: rexecd.8,v 1.9 2002/02/08 01:30:08 ross Exp $
.\"
.\" Copyright (c) 1983, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed by the University of
.\"	California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	from: @(#)rexecd.8	8.3 (Berkeley) 6/1/94
.\"
.Dd June 1, 1994
.Dt REXECD 8
.Os
.Sh NAME
.Nm rexecd
.Nd remote execution server
.Sh SYNOPSIS
.Nm
.Sh DESCRIPTION
.Nm
is the server for the
.Xr rexec 3
routine.
The server provides remote execution facilities with authentication
based on user names and passwords.
.Pp
.Nm
listens for service requests at the port indicated in
the ``exec'' service specification; see
.Xr services 5 .
When a service request is received the following protocol
is initiated:
.Bl -enum
.It
The server reads characters from the socket up to a NUL
.Pq Ql \e0
byte.
The resultant string is interpreted as an
.Tn ASCII
number, base 10.
.It
If the number received in step 1 is non-zero,
it is interpreted as the port number of a secondary
stream to be used for the
.Em stderr .
A second connection is then created to the specified
port on the client's machine.
.It
A NUL terminated user name of at most 16 characters
is retrieved on the initial socket.
.It
A NUL terminated, unencrypted password of at most
16 characters is retrieved on the initial socket.
.It
A NUL terminated command to be passed to a
shell is retrieved on the initial socket.
The length of the command is limited by the upper bound on the size
of the system's argument list.
.It
.Nm
then validates the user as is done at login time and, if the
authentication was successful, changes to the user's home directory,
and establishes the user and group protections of the user.
If any of these steps fail the connection is
aborted with a diagnostic message returned.
.It
A NUL byte is returned on the initial socket and the command line
is passed to the normal login shell of the user.
The shell inherits the network connections established by
.Nm "" .
.El
.Sh DIAGNOSTICS
Except for the last one listed below,
all diagnostic messages are returned on the initial socket,
after which any network connections are closed.
An error is indicated by a leading byte with a value of
1 (0 is returned in step 7 above upon successful completion
of all the steps prior to the command execution).
.Pp
.Bl -tag -width Ds
.It Sy username too long
The name is
longer than 16 characters.
.It Sy password too long
The password is longer than 16 characters.
.It Sy command too long
The command line passed exceeds the size of the argument
list (as configured into the system).
.It Sy Login incorrect.
No password file entry for the user name existed.
.It Sy Password incorrect.
The wrong password was supplied.
.ne 1i
.It Sy \&No remote directory.
The
.Xr chdir 2
to the home directory failed.
.It Sy Try again.
A
.Xr fork 2
by the server failed.
.It Sy \*[Lt]shellname\*[Gt]: ...
The user's login shell could not be started.
This message is returned
on the connection associated with the
.Em stderr ,
and is not preceded by a flag byte.
.El
.Sh SEE ALSO
.Xr rexec 3
.Sh HISTORY
The
.Nm
command appeared in
.Bx 4.2 .
.Sh BUGS
Indicating ``Login incorrect'' as opposed to ``Password incorrect''
is a security breach which allows people to probe a system for users
with null passwords.
.Pp
A facility to allow all data and password exchanges to be encrypted should be
present.
.Sh SECURITY CONSIDERATIONS
As the passwords exchanged by the client and
.Nm
are not encrypted, it is
.Em strongly
recommended that this service is not enabled.
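The request framing from the protocol steps in DESCRIPTION, as an added example (not code from the NetBSD rexecd source): a bounds-checked parser for the port, user name, password and command fields that the client sends on the initial socket. The names rexec_parse, take_field and CMD_MAX, the port range check, and the "bad port" and "truncated request" texts are assumptions made for illustration; the "... too long" strings are the ones listed under DIAGNOSTICS.

```c
#include <stddef.h>
#include <string.h>

#define FIELD_MAX 16   /* user name and password limit stated in the man page */
#define CMD_MAX 1024   /* assumption: stand-in for the system argument-list bound */

struct rexec_req {
    long port;         /* 0 means no secondary stderr connection */
    char user[FIELD_MAX + 1], pass[FIELD_MAX + 1], cmd[CMD_MAX + 1];
};

/* Copy one NUL-terminated field starting at buf[*off] into dst (capacity max + 1).
 * Returns 0 on success, 1 if the field is longer than max, 2 if the input ends early. */
static int take_field(const unsigned char *buf, size_t len, size_t *off,
                      char *dst, size_t max)
{
    size_t left = len - *off;
    const unsigned char *nul = memchr(buf + *off, 0, left);
    size_t n = nul ? (size_t)(nul - (buf + *off)) : left;
    if (n > max || nul == NULL)
        return n > max ? 1 : 2;
    memcpy(dst, buf + *off, n);
    dst[n] = '\0';
    *off += n + 1;
    return 0;
}

/* Parse the client's bytes on the initial socket: port, user, password, command.
 * Returns NULL on success, else a diagnostic. "bad port" and "truncated request"
 * are hypothetical texts; the "... too long" strings come from the man page. */
const char *rexec_parse(const unsigned char *buf, size_t len, struct rexec_req *r)
{
    char num[6];       /* up to "65535" plus the terminating NUL */
    size_t off = 0;
    int rc;
    if (take_field(buf, len, &off, num, sizeof num - 1) != 0)
        return "bad port";
    r->port = 0;
    for (const char *p = num; *p != '\0'; p++)
        if (*p < '0' || *p > '9' || (r->port = r->port * 10 + (*p - '0')) > 65535)
            return "bad port";
    if ((rc = take_field(buf, len, &off, r->user, FIELD_MAX)) != 0)
        return rc == 1 ? "username too long" : "truncated request";
    if ((rc = take_field(buf, len, &off, r->pass, FIELD_MAX)) != 0)
        return rc == 1 ? "password too long" : "truncated request";
    if ((rc = take_field(buf, len, &off, r->cmd, CMD_MAX)) != 0)
        return rc == 1 ? "command too long" : "truncated request";
    return NULL;
}
```

Every field, including the password, is read as plain bytes off the socket, which is why SECURITY CONSIDERATIONS recommends leaving the service disabled.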