.\" Copyright (c) 1983, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	@(#)telnetd.8	8.4 (Berkeley) 6/1/94
.\" $FreeBSD: src/crypto/telnet/telnetd/telnetd.8,v 1.5.2.6 2002/04/13 10:59:09 markm Exp $
.\" $DragonFly: src/crypto/telnet/telnetd/telnetd.8,v 1.2 2003/06/17 04:24:37 dillon Exp $
.\"
.Dd July 27, 2009
.Dt TELNETD 8
.Os
.Sh NAME
.Nm telnetd
.Nd DARPA
.Tn TELNET
protocol server
.Sh SYNOPSIS
.Nm /usr/libexec/telnetd
.\".Op Fl BUhlkn
.Op Fl Uhlkn
.Op Fl D Ar debugmode
.Op Fl S Ar tos
.Op Fl X Ar authtype
.Op Fl a Ar authmode
.Op Fl edebug
.Op Fl p Ar loginprog
.Op Fl u Ar len
.Op Fl debug Op Ar port
.Sh DESCRIPTION
The
.Nm
command is a server which supports the
.Tn DARPA
standard
.Tn TELNET
virtual terminal protocol.
.Nm Telnetd
is normally invoked by the internet server (see
.Xr inetd 8 )
for requests to connect to the
.Tn TELNET
port as indicated by the
.Pa /etc/services
file (see
.Xr services 5 ) .
The
.Fl debug
option may be used to start up
.Nm
manually, instead of through
.Xr inetd 8 .
If started up this way,
.Ar port
may be specified to run
.Nm
on an alternate
.Tn TCP
port number.
.Pp
The
.Nm
command accepts the following options:
.Bl -tag -width indent
.It Fl a Ar authmode
This option may be used for specifying what mode should
be used for authentication.
Note that this option is only useful if
.Nm
has been compiled with support for the
.Dv AUTHENTICATION
option.
There are several valid values for
.Ar authmode :
.Bl -tag -width debug
.It Cm debug
Turn on authentication debugging code.
.It Cm user
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user,
and is allowed access to the specified account
without providing a password.
.It Cm valid
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user.
The
.Xr login 1
command will provide any additional user verification
needed if the remote user is not allowed automatic
access to the specified account.
.It Cm other
Only allow connections that supply some authentication information.
This option is currently not supported
by any of the existing authentication mechanisms,
and is thus the same as specifying
.Fl a
.Cm valid .
.It Cm none
This is the default state.
Authentication information is not required.
If no or insufficient authentication information
is provided, then the
.Xr login 1
program will provide the necessary user
verification.
.It Cm off
Disable the authentication code.
All user verification will happen through the
.Xr login 1
program.
.El
.\".It Fl B
.\"Specify bftp server mode.
.\"In this mode,
.\".Nm
.\"causes login to start a
.\".Xr bftp 1
.\"session rather than the user's normal shell.
.\"In bftp daemon mode normal logins are not supported, and it must be used
.\"on a port other than the normal
.\".Tn TELNET
.\"port.
.It Fl D Ar debugmode
This option may be used for debugging purposes.
This allows
.Nm
to print out debugging information
to the connection, allowing the user to see what
.Nm
is doing.
There are several possible values for
.Ar debugmode :
.Bl -tag -width exercise
.It Cm options
Print information about the negotiation of
.Tn TELNET
options.
.It Cm report
Print the
.Cm options
information, plus some additional information
about what processing is going on.
.It Cm netdata
Display the data stream received by
.Nm .
.It Cm ptydata
Display data written to the pty.
.It Cm exercise
Has not been implemented yet.
.El
.It Fl debug
Enable debugging on each socket created by
.Nm
(see
.Dv SO_DEBUG
in
.Xr socket 2 ) .
.It Fl edebug
If
.Nm
has been compiled with support for data encryption, then the
.Fl edebug
option may be used to enable encryption debugging code.
.It Fl h
Disable the printing of host-specific information before
login has been completed.
.It Fl k
This option is only useful if
.Nm
has been compiled with both linemode and kludge linemode
support.
If the
.Fl k
option is specified, then if the remote client does not
support the
.Dv LINEMODE
option, then
.Nm
will operate in character at a time mode.
It will still support kludge linemode, but will only
go into kludge linemode if the remote client requests
it.
(This is done by the client sending
.Dv DONT SUPPRESS-GO-AHEAD
and
.Dv DONT ECHO . )
The
.Fl k
option is most useful when there are remote clients
that do not support kludge linemode, but pass the heuristic
(if they respond with
.Dv WILL TIMING-MARK
in response to a
.Dv DO TIMING-MARK )
for kludge linemode support.
.It Fl l
Specify line mode.
Try to force clients to use line-at-a-time mode.
If the
.Dv LINEMODE
option is not supported, it will go
into kludge linemode.
.It Fl n
Disable
.Dv TCP
keep-alives.
Normally
.Nm
enables the
.Tn TCP
keep-alive mechanism to probe connections that
have been idle for some period of time to determine
if the client is still there, so that idle connections
from machines that have crashed or can no longer
be reached may be cleaned up.
.It Fl p Ar loginprog
Specify an alternate
.Xr login 1
command to run to complete the login.
The alternate command must
understand the same command arguments as the standard login.
.It Fl S Ar tos
.It Fl u Ar len
This option is used to specify the size of the field
in the
.Dv utmp
structure that holds the remote host name.
If the resolved host name is longer than
.Ar len ,
the dotted decimal value will be used instead.
This allows hosts with very long host names that
overflow this field to still be uniquely identified.
Specifying
.Fl u0
indicates that only dotted decimal addresses
should be put into the
.Pa utmp
file.
.It Fl U
This option causes
.Nm
to refuse connections from addresses that
cannot be mapped back into a symbolic name
via the
.Xr gethostbyaddr 3
routine.
.It Fl X Ar authtype
This option is only valid if
.Nm
has been built with support for the authentication option.
It disables the use of
.Ar authtype
authentication, and
can be used to temporarily disable
a specific authentication type without having to recompile
.Nm .
.El
.Pp
.Nm Telnetd
operates by allocating a pseudo-terminal device (see
.Xr pty 4 )
for a client, then creating a login process which has
the slave side of the pseudo-terminal as
.Dv stdin ,
.Dv stdout
and
.Dv stderr .
.Nm Telnetd
manipulates the master side of the pseudo-terminal,
implementing the
.Tn TELNET
protocol and passing characters
between the remote client and the login process.
.Pp
When a
.Tn TELNET
session is started up,
.Nm
sends
.Tn TELNET
options to the client side indicating
a willingness to do the
following
.Tn TELNET
options, which are described in more detail below:
.Bd -literal -offset indent
DO AUTHENTICATION
WILL ENCRYPT
DO TERMINAL TYPE
DO TSPEED
DO XDISPLOC
DO NEW-ENVIRON
DO ENVIRON
WILL SUPPRESS GO AHEAD
DO ECHO
DO LINEMODE
DO NAWS
WILL STATUS
DO LFLOW
DO TIMING-MARK
.Ed
.Pp
The pseudo-terminal allocated to the client is configured
to operate in
.Dq cooked
mode, and with
.Dv XTABS
and
.Dv CRMOD
enabled (see
.Xr tty 4 ) .
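.Pp
As an added example (not part of the original manual page or of the telnetd sources), the following decoder reads the option negotiation described above from a raw server byte stream and reports whether DO AUTHENTICATION and WILL ENCRYPT were offered. The option codes are the values assigned in the RFCs listed under STANDARDS; the function names and the sample byte strings are constructed for illustration.

```python
# Added example: decode the TELNET option negotiation sent by a server.
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
# Option codes as assigned in the TELNET option RFCs.
OPTIONS = {0: "BINARY", 1: "ECHO", 3: "SGA", 5: "STATUS", 6: "TIMING-MARK",
           18: "LOGOUT", 24: "TERMINAL-TYPE", 31: "NAWS", 32: "TSPEED",
           33: "LFLOW", 34: "LINEMODE", 35: "XDISPLOC", 36: "ENVIRON",
           37: "AUTHENTICATION", 38: "ENCRYPT", 39: "NEW-ENVIRON"}

def decode_negotiation(stream):
    """Return (commands, data): the (verb, option) pairs and the user data."""
    commands, data, i, n = [], bytearray(), 0, len(stream)
    while i < n:
        if stream[i] != IAC:            # ordinary data byte
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                  # truncated command, stop parsing
            break
        cmd = stream[i + 1]
        if cmd == IAC:                  # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in VERBS:              # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= n:
                break
            opt = stream[i + 2]
            commands.append((VERBS[cmd], OPTIONS.get(opt, "option-%d" % opt)))
            i += 3
        elif cmd == SB:                 # skip subnegotiation up to IAC SE
            j = i + 2
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            if j + 1 >= n:              # unterminated subnegotiation
                break
            i = j + 2
        else:                           # other two-byte command (GA, NOP, ...)
            i += 2
    return commands, bytes(data)

def audit_offer(stream):
    """Report whether the server offered authentication and encryption."""
    offered = set(decode_negotiation(stream)[0])
    return {"authentication": ("DO", "AUTHENTICATION") in offered,
            "encryption": ("WILL", "ENCRYPT") in offered}

# Constructed sample captures (not taken from a real session).
SAMPLE_WITH_AUTH = bytes([IAC, DO, 37, IAC, WILL, 38, IAC, DO, 24,
                          IAC, SB, 24, 1, IAC, SE]) + b"login: "
SAMPLE_PLAIN = bytes([IAC, DO, 24, IAC, WILL, 3]) + b"login: "

if __name__ == "__main__":
    for name, sample in (("auth", SAMPLE_WITH_AUTH), ("plain", SAMPLE_PLAIN)):
        print(name, decode_negotiation(sample)[0], audit_offer(sample))
```

A stream that never carries DO AUTHENTICATION or WILL ENCRYPT leaves all user verification to the login prompt, sent in the clear.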
.Pp
.Nm Telnetd
has support for enabling locally the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "WILL ECHO"
When the
.Dv LINEMODE
option is enabled, a
.Dv WILL ECHO
or
.Dv WONT ECHO
will be sent to the client to indicate the
current state of terminal echoing.
When terminal echo is not desired, a
.Dv WILL ECHO
is sent to indicate that
.Nm
will take care of echoing any data that needs to be
echoed to the terminal, and then nothing is echoed.
When terminal echo is desired, a
.Dv WONT ECHO
is sent to indicate that
.Nm
will not be doing any terminal echoing, so the
client should do any terminal echoing that is needed.
.It "WILL BINARY"
Indicate that the client is willing to send
8 bits of data, rather than the normal 7 bits
of the Network Virtual Terminal.
.It "WILL SGA"
Indicate that it will not be sending
.Dv IAC GA ,
go ahead, commands.
.It "WILL STATUS"
Indicate a willingness to send the client, upon
request, the current status of all
.Tn TELNET
options.
.It "WILL TIMING-MARK"
Whenever a
.Dv DO TIMING-MARK
command is received, it is always responded
to with a
.Dv WILL TIMING-MARK .
.It "WILL LOGOUT"
When a
.Dv DO LOGOUT
is received, a
.Dv WILL LOGOUT
is sent in response, and the
.Tn TELNET
session is shut down.
.It "WILL ENCRYPT"
Only sent if
.Nm
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Pp
.Nm Telnetd
has support for enabling remotely the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "DO BINARY"
Sent to indicate that
.Nm
is willing to receive an 8 bit data stream.
.It "DO LFLOW"
Requests that the client handle flow control
characters remotely.
.It "DO ECHO"
This is not really supported, but is sent to identify a
.Bx 4.2
.Xr telnet 1
client, which will improperly respond with
.Dv WILL ECHO .
If a
.Dv WILL ECHO
is received, a
.Dv DONT ECHO
will be sent in response.
.It "DO TERMINAL-TYPE"
Indicate a desire to be able to request the
name of the type of terminal that is attached
to the client side of the connection.
.It "DO SGA"
Indicate that it does not need to receive
.Dv IAC GA ,
the go ahead command.
.It "DO NAWS"
Requests that the client inform the server when
the window (display) size changes.
.It "DO TERMINAL-SPEED"
Indicate a desire to be able to request information
about the speed of the serial line to which
the client is attached.
.It "DO XDISPLOC"
Indicate a desire to be able to request the name
of the X Window System display that is associated with
the telnet client.
.It "DO NEW-ENVIRON"
Indicate a desire to be able to request environment
variable information, as described in RFC 1572.
.It "DO ENVIRON"
Indicate a desire to be able to request environment
variable information, as described in RFC 1408.
.It "DO LINEMODE"
Only sent if
.Nm
is compiled with support for linemode, and
requests that the client do line by line processing.
.It "DO TIMING-MARK"
Only sent if
.Nm
is compiled with support for both linemode and
kludge linemode, and the client responded with
.Dv WONT LINEMODE .
If the client responds with
.Dv WILL TM ,
then it is assumed that the client supports
kludge linemode.
Note that the
.Op Fl k
option can be used to disable this.
.It "DO AUTHENTICATION"
Only sent if
.Nm
is compiled with support for authentication, and
indicates a willingness to receive authentication
information for automatic login.
.It "DO ENCRYPT"
Only sent if
.Nm
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Sh NOTES
By default
.Nm
will read the
.Em \&he ,
.Em \&hn ,
and
.Em \&im
capabilities from
.Pa /etc/gettytab
and use that information (if present) to determine
what to display before the login: prompt.
You can also use a System V style
.Pa /etc/issue
file by using the
.Em \&if
capability, which will override
.Em \&im .
The information specified in either
.Em \&im
or
.Em \&if
will be displayed to both console and remote logins.
.\" .Sh ENVIRONMENT
.Sh FILES
.Bl -tag -width ".Pa /etc/services" -compact
.It Pa /etc/services
.It Pa /etc/gettytab
.It Pa /etc/iptos
(if supported)
.\".It Pa /usr/ucb/bftp
.\"(if supported)
.El
.Sh "SEE ALSO"
.\".Xr bftp 1 ,
.Xr login 1 ,
.Xr telnet 1
(if supported),
.Xr gettytab 5
.Sh STANDARDS
.Bl -tag -compact -width ".Cm RFC 1572"
.It Cm RFC 854
.Tn TELNET
PROTOCOL SPECIFICATION
.It Cm RFC 855
TELNET OPTION SPECIFICATIONS
.It Cm RFC 856
TELNET BINARY TRANSMISSION
.It Cm RFC 857
TELNET ECHO OPTION
.It Cm RFC 858
TELNET SUPPRESS GO AHEAD OPTION
.It Cm RFC 859
TELNET STATUS OPTION
.It Cm RFC 860
TELNET TIMING MARK OPTION
.It Cm RFC 861
TELNET EXTENDED OPTIONS - LIST OPTION
.It Cm RFC 885
TELNET END OF RECORD OPTION
.It Cm RFC 1073
Telnet Window Size Option
.It Cm RFC 1079
Telnet Terminal Speed Option
.It Cm RFC 1091
Telnet Terminal-Type Option
.It Cm RFC 1096
Telnet X Display Location Option
.It Cm RFC 1123
Requirements for Internet Hosts -- Application and Support
.It Cm RFC 1184
Telnet Linemode Option
.It Cm RFC 1372
Telnet Remote Flow Control Option
.It Cm RFC 1416
Telnet Authentication Option
.It Cm RFC 1411
Telnet Authentication: Kerberos Version 4
.It Cm RFC 1412
Telnet Authentication: SPX
.It Cm RFC 1571
Telnet Environment Option Interoperability Issues
.It Cm RFC 1572
Telnet Environment Option
.El
.Sh HISTORY
IPv6 support was added by the WIDE/KAME project.
.Sh BUGS
Some
.Tn TELNET
commands are only partially implemented.
.Pp
Because of bugs in the original
.Bx 4.2
.Xr telnet 1 ,
.Nm
performs some dubious protocol exchanges to try to discover if the remote
client is, in fact, a
.Bx 4.2
.Xr telnet 1 .
.Pp
Binary mode
has no common interpretation except between similar operating systems
(Unix in this case).
.Pp
The terminal type name received from the remote client is converted to
lower case.
.Pp
.Nm Telnetd
never sends
.Tn TELNET
.Dv IAC GA
(go ahead) commands.