telnetlogin(8) [debian man page]
TELNETLOGIN(8) BSD System Manager's Manual TELNETLOGIN(8) NAME
telnetlogin -- login wrapper for telnetd SYNOPSIS
telnetlogin [-h host] [-p] [-f username] [username] DESCRIPTION
telnetlogin is a setuid wrapper that runs login(1). It is meant to be invoked by telnetd(8); the idea is to remove the necessity of running telnetd as root. telnetlogin should be installed mode 4750, user root, group telnetd. Then, telnetd may be run from /etc/inetd.conf as user ``nobody'', group ``telnetd'', and with the option -L path-to-telnetlogin. telnetlogin accepts only the subset of options to login(1) shown above, in the order listed. This is the order telnetd 8 normally provides them in. telnetlogin also does sanity checks on the environment variables TERM, and REMOTEHOST. It also insists that the standard input, output, and error streams are open on a terminal, and that it is the process group leader of the foreground process of that terminal. After checking all of these conditions, checking the values of the above environment variables for reasonable values, resetting signal handlers, and so forth, it execs login. SEE ALSO
login(1), inetd.conf(5), inetd(8), telnetd(8) RESTRICTIONS
THIS IS PRESENTLY EXPERIMENTAL CODE; USE WITH CAUTION. HISTORY
telnetlogin was written during the development of NetKit 0.17. Linux NetKit (0.17) April 12, 2000 Linux NetKit (0.17)
Check Out this Related Man Page
LOGIN(8) System Manager's Manual LOGIN(8) NAME
login.krb5 - kerberos enhanced login program SYNOPSIS
login.krb5 [-p] [-fFe username] [-r | -k | -K | -h hostname] DESCRIPTION
login.krb5 is a modification of the BSD login program which is used for two functions. It is the sub-process used by krlogind and telnetd to initiate a user session and it is a replacement for the command-line login program which, when invoked with a password, acquires Ker- beros tickets for the user. login.krb5 will prompt for a username, or take one on the command line, as login.krb5 username and will then prompt for a password. This password will be used to acquire Kerberos Version 5 tickets (if possible.) It will also attempt to run aklog to get AFS tokens for the user. The version 5 tickets will be tested against a local krb5.keytab if it is available, in order to verify the tickets, before letting the user in. However, if the password matches the entry in /etc/passwd the user will be unconditionally allowed (permitting use of the machine in case of network failure.) OPTIONS
-p preserve the current environment -r hostname pass hostname to rlogind. Must be the last argument. -h hostname pass hostname to telnetd, etc. Must be the last argument. -f name Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root. -F name Perform pre-authenticated login, e.g., datakit, xterm, etc.; allows preauthenticated login as root. -e name Perform pre-authenticated, encrypted login. Must do term negotiation. CONFIGURATION
login.krb5 is also configured via krb5.conf using the login stanza. A collection of options dealing with initial authentication are pro- vided: krb5_get_tickets Use password to get V5 tickets. Default value true. krb_run_aklog Attempt to run aklog. Default value false. aklog_path Where to find it [not yet implemented.] Default value $(prefix)/bin/aklog. accept_passwd Don't accept plaintext passwords [not yet implemented]. Default value false. DIAGNOSTICS
All diagnostic messages are returned on the connection or tty associated with stderr. SEE ALSO
rlogind(8), rlogin(1), telnetd(8) LOGIN(8)