Next: , Previous: rsh invocation, Up: Top


11 rlogin: Remote login

rlogin command logs into a specified remote host and connects your local terminal to the remote host. The remote terminal type is the same as that given in the TERM local environment variable. The terminal or window size is also the same, if the remote host supports them, and any changes in size are transferred.

When using the rlogin command, you can create a link to your path using a host name as the link name. For example:

     # ln -s /usr/bin/rlogin hostname
     # hostname -8

Using hostname automatically uses the rlogin to log in to the remote host named hostname.

rlogin allows access to the remote host without the use of a passwd. For details, See rcmd.

11.1 Invoking

The options are as follows :

-8
--8-bit
Allows an eight-bit input data path at all times; otherwise parity bits are stripped except when the remote side's stop and start characters are other than C-S/C-Q.
-E
--no-escape
--no-escape
Stops any character from being recognized as an escape character. When used with the -8 option, this provides a completely transparent connection.
-K
--kerberos
Turns off all Kerberos authentication.
-d
--debug
Turns on socket debugging on the TCP sockets used for communication with the remote host.
-e
--escape=char
Allows user specification of the escape character, which is ‘~’ by default. This specification may be as a literal character, or as an octal value in the form ‘\nnn’.
-k
--realm=realm
The option requests rlogin to obtain tickets for the remote host in realm realm instead of the remote host's realm.
-x
--encrypt
Turns on DES encryption for all data passed via the rlogin session. This may impact response time and CPU utilization, but provides increased security.

A line of the form escape-char. disconnects from the remote host. Similarly, the line escape-charC-Z will suspend the rlogin session, and escape-chardelayed-suspend-char suspends the send portion of the rlogin, but allows output from the remote system. By default, the tilde (‘~) character’ is the escape-char, and normally C-Y is the delayed-suspend-char.

All echoing takes place at the remote site, so that (except for delays) the rlogin is transparent. Flow control via C-S/C-Q, if supported, stop and start the flow of information, flushing of input and output on interrupts are handled properly.

On the server side the iruserok and ruserok functions are used to authenticate, see the appropriate man page for more information, if supported.

11.2 Kerberos Authentication

If rlogin was compiled with kerberos support, options -x, -k, -K are available. Each user may have a private authorization list in the file .klogin in their home directory. Each line in this file should contain a Kerberos principal name of the form ‘principal.instance@realm’. If the originating user is authenticated to one of the principals named in .klogin, access is granted to the account. The principal ‘accountname.@localrealm’ is granted access if there is no .klogin file. Otherwise a login and password will be prompted for on the remote machine as in login. To avoid certain security problems, the .klogin file must be owned by the remote user. If Kerberos authentication fails, a warning message is printed and the standard Berkeley rlogin is used instead.