1.\" Copyright (c) 1983, 1989, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" from: @(#)rshd.8 8.1 (Berkeley) 6/4/93 33.\" $Id: rshd.8,v 1.4 1994/06/05 15:33:23 cgd Exp $ 34.\" 35.Dd June 4, 1993 36.Dt RSHD 8 37.Os BSD 4.2 38.Sh NAME 39.Nm rshd 40.Nd remote shell server 41.Sh SYNOPSIS 42.Nm rshd 43.Op Fl alnL 44.Sh DESCRIPTION 45The 46.Nm rshd 47server 48is the server for the 49.Xr rcmd 3 50routine and, consequently, for the 51.Xr rsh 1 52program. The server provides remote execution facilities 53with authentication based on privileged port numbers from trusted hosts. 54.Pp 55The 56.Nm rshd 57server 58listens for service requests at the port indicated in 59the ``cmd'' service specification; see 60.Xr services 5 . 61When a service request is received the following protocol 62is initiated: 63.Bl -enum 64.It 65The server checks the client's source port. 66If the port is not in the range 512-1023, the server 67aborts the connection. 68.It 69The server reads characters from the socket up 70to a null (`\e0') byte. The resultant string is 71interpreted as an 72.Tn ASCII 73number, base 10. 74.It 75If the number received in step 2 is non-zero, 76it is interpreted as the port number of a secondary 77stream to be used for the 78.Em stderr . 79A second connection is then created to the specified 80port on the client's machine. The source port of this 81second connection is also in the range 512-1023. 82.It 83The server checks the client's source address 84and requests the corresponding host name (see 85.Xr gethostbyaddr 3 , 86.Xr hosts 5 87and 88.Xr named 8 ) . 89If the hostname cannot be determined, 90the dot-notation representation of the host address is used. 91If the hostname is in the same domain as the server (according to 92the last two components of the domain name), 93or if the 94.Fl a 95option is given, 96the addresses for the hostname are requested, 97verifying that the name and address correspond. 98If address verification fails, the connection is aborted 99with the message, ``Host address mismatch.'' 100.It 101A null terminated user name of at most 16 characters 102is retrieved on the initial socket. This user name 103is interpreted as the user identity on the 104.Em client Ns 's 105machine. 106.It 107A null terminated user name of at most 16 characters 108is retrieved on the initial socket. This user name 109is interpreted as a user identity to use on the 110.Sy server Ns 's 111machine. 112.It 113A null terminated command to be passed to a 114shell is retrieved on the initial socket. The length of 115the command is limited by the upper bound on the size of 116the system's argument list. 117.It 118.Nm Rshd 119then validates the user using 120.Xr ruserok 3 , 121which uses the file 122.Pa /etc/hosts.equiv 123and the 124.Pa .rhosts 125file found in the user's home directory. The 126.Fl l 127option prevents 128.Xr ruserok 3 129from doing any validation based on the user's ``.rhosts'' file, 130unless the user is the superuser. 131.It 132If the file 133.Pa /etc/nologin 134exists and the user is not the superuser, 135the connection is closed. 136.It 137A null byte is returned on the initial socket 138and the command line is passed to the normal login 139shell of the user. The 140shell inherits the network connections established 141by 142.Nm rshd . 143.El 144.Pp 145Transport-level keepalive messages are enabled unless the 146.Fl n 147option is present. 148The use of keepalive messages allows sessions to be timed out 149if the client crashes or becomes unreachable. 150.Pp 151The 152.Fl L 153option causes all successful accesses to be logged to 154.Xr syslogd 8 155as 156.Li auth.info 157messages. 158.Sh DIAGNOSTICS 159Except for the last one listed below, 160all diagnostic messages 161are returned on the initial socket, 162after which any network connections are closed. 163An error is indicated by a leading byte with a value of 1641 (0 is returned in step 10 above upon successful completion 165of all the steps prior to the execution of the login shell). 166.Bl -tag -width indent 167.It Sy Locuser too long. 168The name of the user on the client's machine is 169longer than 16 characters. 170.It Sy Ruser too long. 171The name of the user on the remote machine is 172longer than 16 characters. 173.It Sy Command too long . 174The command line passed exceeds the size of the argument 175list (as configured into the system). 176.It Sy Login incorrect. 177No password file entry for the user name existed. 178.It Sy Remote directory. 179The 180.Xr chdir 181command to the home directory failed. 182.It Sy Permission denied. 183The authentication procedure described above failed. 184.It Sy Can't make pipe. 185The pipe needed for the 186.Em stderr , 187wasn't created. 188.It Sy Can't fork; try again. 189A 190.Xr fork 191by the server failed. 192.It Sy <shellname>: ... 193The user's login shell could not be started. This message is returned 194on the connection associated with the 195.Em stderr , 196and is not preceded by a flag byte. 197.El 198.Sh SEE ALSO 199.Xr rsh 1 , 200.Xr rcmd 3 , 201.Xr ruserok 3 202.Sh BUGS 203The authentication procedure used here assumes the integrity 204of each client machine and the connecting medium. This is 205insecure, but is useful in an ``open'' environment. 206.Pp 207A facility to allow all data exchanges to be encrypted should be 208present. 209.Pp 210A more extensible protocol (such as Telnet) should be used. 211