rexecd: server for
rexecd is the server for the
rexec routine. The
server provides remote execution facilities with authentication based
on user names and passwords. It passes error messages and notices
syslog facility ‘LOG_DAEMON’.
rexecd listens for service requests at the port indicated in
the ‘exec’ service specification. When a service request is
received the following protocol is initiated:
rexecdthen validates the user as is done at login time and, if the authentication was successful, changes to the user’s home directory, and establishes the user and group protections of the user. If any of these steps fail the connection is aborted with a diagnostic message returned.
The only option is as follows:
Raise logging level for this service; use more than once for
increased verbosity. The
syslog facility in use is
rexecd have been built with PAM support,
it reads any setting specified for a service named ‘rexec’.
Except for the last one listed below, all diagnostic messages are returned on the initial socket, after which any network connections are closed. An error is indicated by a leading byte with a value of 1 (0 is returned in step 7 above upon successful completion of all the steps prior to the command execution).
The name is longer than 16 characters.
The password is longer than 16 characters.
The command line passed exceeds the size of the argument list (as configured into the system).
No password file entry for the user name existed.
The wrong password was supplied.
The chdir command to the home directory failed.
A fork by the server failed.
The user’s login shell could not be started. This message is returned on the connection associated with the stderr, and is not ...
Note, that indicating ‘Login incorrect’ as opposed to ‘Password incorrect’ is a security breach which allows people to probe a system for users with null passwords.