rlogin - remote login
rlogin rhost [-ec] [-8] [-c] [ -a] [-f] [-F] [-t termtype] [-n] [-7] [-PN | -PO] [-d] [-k
realm] [-x] [-L] [-l username]
Rlogin connects your terminal on the current local host system lhost to the remote host
The version built to use Kerberos authentication is very similar to the standard Berkeley
rlogin(1), except that instead of the rhosts mechanism, it uses Kerberos authentication to
determine the authorization to use a remote account.
Each user may have a private authorization list in a file .k5login in his login directory.
Each line in this file should contain a Kerberos principal name of the form princi-
pal/instance@realm. If the originating user is authenticated to one of the principals
named in .k5login, access is granted to the account. If there is no /.k5login file, the
principal will be granted access to the account according to the aname->lname mapping
rules. (See krb5_anadd(8) for more details.) Otherwise a login and password will be
prompted for on the remote machine as in login(1). To avoid some security problems, the
.k5login file must be owned by the remote user.
If there is some problem in marshaling the Kerberos authentication information, an error
message is printed and the standard UCB rlogin is executed in place of the Kerberos
A line of the form ``~.'' disconnects from the remote host, where ``~'' is the escape
character. Similarly, the line ``~^Z'' (where ^Z, control-Z, is the suspend character)
will suspend the rlogin session. Substitution of the delayed-suspend character (normally
^Y) for the suspend character suspends the send portion of the rlogin, but allows output
from the remote system.
The remote terminal type is the same as your local terminal type (as given in your envi-
ronment TERM variable), unless the -t option is specified (see below). The terminal or
window size is also copied to the remote system if the server supports the option, and
changes in size are reflected as well.
All echoing takes place at the remote site, so that (except for delays) the rlogin is
transparent. Flow control via ^S and ^Q and flushing of input and output on interrupts
are handled properly.
-8 allows an eight-bit input data path at all times; otherwise parity bits are
stripped except when the remote side's stop and start characters are other than
^S/^Q. Eight-bit mode is the default.
-L allows the rlogin session to be run in litout mode.
-ec sets the escape character to c. There is no space separating this option flag and
the new escape character.
-c require confirmation before disconnecting via ``~.''
-a force the remote machine to ask for a password by sending a null local username.
This option has no effect unless the standard UCB rlogin is executed in place of
the Kerberos rlogin (see above).
-f forward a copy of the local credentials to the remote system.
-F forward a forwardable copy of the local credentials to the remote system.
replace the terminal type passed to the remote host with termtype.
-n prevent suspension of rlogin via ``~^Z'' or ``~^Y''.
-7 force seven-bit transmissions.
-d turn on socket debugging (via setsockopt(2)) on the TCP sockets used for communica-
tion with the remote host.
-k request rlogin to obtain tickets for the remote host in realm realm instead of the
remote host's realm as determined by krb_realmofhost(3).
-x turn on DES encryption for all data passed via the rlogin session. This signifi-
cantly reduces response time and significantly increases CPU utilization.
-PO Explicitly request new or old version of the Kerberos ``rcmd'' protocol. The new
protocol avoids many security problems found in the old one, but is not interopera-
ble with older servers. (An "input/output error" and a closed connection is the
most likely result of attempting this combination.) If neither option is speci-
fied, some simple heuristics are used to guess which to try.
rsh(1), kerberos(3), krb_sendauth(3), krb_realmofhost(3), rlogin(1) [UCB version]
~/.k5login (on remote host) - file containing Kerberos principals that are allowed
More of the environment should be propagated.