.\" Copyright (c) 1983, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	@(#)telnetd.8	8.4 (Berkeley) 6/1/94
.\" $FreeBSD: src/crypto/telnet/telnetd/telnetd.8,v 1.5.2.6 2002/04/13 10:59:09 markm Exp $
.\"
.Dd July 27, 2009
.Dt TELNETD 8
.Os
.Sh NAME
.Nm telnetd
.Nd DARPA
.Tn TELNET
protocol server
.Sh SYNOPSIS
.Nm /usr/libexec/telnetd
.\".Op Fl BUhlkn
.Op Fl Uhlkn
.Op Fl D Ar debugmode
.Op Fl S Ar tos
.Op Fl X Ar authtype
.Op Fl a Ar authmode
.Op Fl edebug
.Op Fl p Ar loginprog
.Op Fl u Ar len
.Op Fl debug Op Ar port
.Sh DESCRIPTION
The
.Nm
command is a server which supports the
.Tn DARPA
standard
.Tn TELNET
virtual terminal protocol.
.Nm Telnetd
is normally invoked by the internet server (see
.Xr inetd 8 )
for requests to connect to the
.Tn TELNET
port as indicated by the
.Pa /etc/services
file (see
.Xr services 5 ) .
The
.Fl debug
option may be used to start up
.Nm
manually, instead of through
.Xr inetd 8 .
If started up this way,
.Ar port
may be specified to run
.Nm
on an alternate
.Tn TCP
port number.
.Pp
The
.Nm
command accepts the following options:
.Bl -tag -width indent
.It Fl a Ar authmode
This option may be used for specifying what mode should
be used for authentication.
Note that this option is only useful if
.Nm
has been compiled with support for the
.Dv AUTHENTICATION
option.
There are several valid values for
.Ar authmode :
.Bl -tag -width debug
.It Cm debug
Turn on authentication debugging code.
.It Cm user
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user,
and is allowed access to the specified account
without providing a password.
.It Cm valid
Only allow connections when the remote user
can provide valid authentication information
to identify the remote user.
The
.Xr login 1
command will provide any additional user verification
needed if the remote user is not allowed automatic
access to the specified account.
.It Cm other
Only allow connections that supply some authentication information.
This option is currently not supported
by any of the existing authentication mechanisms,
and is thus the same as specifying
.Fl a
.Cm valid .
.It Cm none
This is the default state.
Authentication information is not required.
If no or insufficient authentication information
is provided, then the
.Xr login 1
program will provide the necessary user
verification.
.It Cm off
Disable the authentication code.
All user verification will happen through the
.Xr login 1
program.
.El
.\".It Fl B
.\"Specify bftp server mode.
.\"In this mode,
.\".Nm
.\"causes login to start a
.\".Xr bftp 1
.\"session rather than the user's normal shell.
.\"In bftp daemon mode normal logins are not supported, and it must be used
.\"on a port other than the normal
.\".Tn TELNET
.\"port.
.It Fl D Ar debugmode
This option may be used for debugging purposes.
This allows
.Nm
to print out debugging information
to the connection, allowing the user to see what
.Nm
is doing.
There are several possible values for
.Ar debugmode :
.Bl -tag -width exercise
.It Cm options
Print information about the negotiation of
.Tn TELNET
options.
.It Cm report
Print the
.Cm options
information, plus some additional information
about what processing is going on.
.It Cm netdata
Display the data stream received by
.Nm .
.It Cm ptydata
Display data written to the pty.
.It Cm exercise
Has not been implemented yet.
.El
.It Fl debug
Enable debugging on each socket created by
.Nm
(see
.Dv SO_DEBUG
in
.Xr socket 2 ) .
.It Fl edebug
If
.Nm
has been compiled with support for data encryption, then the
.Fl edebug
option may be used to enable encryption debugging code.
.It Fl h
Disable the printing of host-specific information before
login has been completed.
.It Fl k
This option is only useful if
.Nm
has been compiled with both linemode and kludge linemode
support.
If the
.Fl k
option is specified, then if the remote client does not
support the
.Dv LINEMODE
option, then
.Nm
will operate in character at a time mode.
It will still support kludge linemode, but will only
go into kludge linemode if the remote client requests
it.
(This is done by the client sending
.Dv DONT SUPPRESS-GO-AHEAD
and
.Dv DONT ECHO . )
The
.Fl k
option is most useful when there are remote clients
that do not support kludge linemode, but pass the heuristic
(if they respond with
.Dv WILL TIMING-MARK
in response to a
.Dv DO TIMING-MARK )
for kludge linemode support.
.It Fl l
Specify line mode.
Try to force clients to use line-at-a-time mode.
If the
.Dv LINEMODE
option is not supported, it will go
into kludge linemode.
.It Fl n
Disable
.Dv TCP
keep-alives.
Normally
.Nm
enables the
.Tn TCP
keep-alive mechanism to probe connections that
have been idle for some period of time to determine
if the client is still there, so that idle connections
from machines that have crashed or can no longer
be reached may be cleaned up.
.It Fl p Ar loginprog
Specify an alternate
.Xr login 1
command to run to complete the login.
The alternate command must
understand the same command arguments as the standard login.
.It Fl S Ar tos
.It Fl u Ar len
This option is used to specify the size of the field
in the
.Dv utmp
structure that holds the remote host name.
If the resolved host name is longer than
.Ar len ,
the dotted decimal value will be used instead.
This allows hosts with very long host names that
overflow this field to still be uniquely identified.
Specifying
.Fl u0
indicates that only dotted decimal addresses
should be put into the
.Pa utmp
file.
.It Fl U
This option causes
.Nm
to refuse connections from addresses that
cannot be mapped back into a symbolic name
via the
.Xr gethostbyaddr 3
routine.
.It Fl X Ar authtype
This option is only valid if
.Nm
has been built with support for the authentication option.
It disables the use of
.Ar authtype
authentication, and
can be used to temporarily disable
a specific authentication type without having to recompile
.Nm .
.El
.Pp
.Nm Telnetd
operates by allocating a pseudo-terminal device (see
.Xr pty 4 )
for a client, then creating a login process which has
the slave side of the pseudo-terminal as
.Dv stdin ,
.Dv stdout
and
.Dv stderr .
.Nm Telnetd
manipulates the master side of the pseudo-terminal,
implementing the
.Tn TELNET
protocol and passing characters
between the remote client and the login process.
.Pp
When a
.Tn TELNET
session is started up,
.Nm
sends
.Tn TELNET
options to the client side indicating
a willingness to do the
following
.Tn TELNET
options, which are described in more detail below:
.Bd -literal -offset indent
DO AUTHENTICATION
WILL ENCRYPT
DO TERMINAL TYPE
DO TSPEED
DO XDISPLOC
DO NEW-ENVIRON
DO ENVIRON
WILL SUPPRESS GO AHEAD
DO ECHO
DO LINEMODE
DO NAWS
WILL STATUS
DO LFLOW
DO TIMING-MARK
.Ed
.Pp
The pseudo-terminal allocated to the client is configured
to operate in
.Dq cooked
mode, and with
.Dv XTABS
and
.Dv CRMOD
enabled (see
.Xr tty 4 ) .
.Pp
.Nm Telnetd
has support for enabling locally the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "WILL ECHO"
When the
.Dv LINEMODE
option is enabled, a
.Dv WILL ECHO
or
.Dv WONT ECHO
will be sent to the client to indicate the
current state of terminal echoing.
When terminal echo is not desired, a
.Dv WILL ECHO
is sent to indicate that
.Nm
will take care of echoing any data that needs to be
echoed to the terminal, and then nothing is echoed.
When terminal echo is desired, a
.Dv WONT ECHO
is sent to indicate that
.Nm
will not be doing any terminal echoing, so the
client should do any terminal echoing that is needed.
.It "WILL BINARY"
Indicate that the client is willing to send
8 bits of data, rather than the normal 7 bits
of the Network Virtual Terminal.
.It "WILL SGA"
Indicate that it will not be sending
.Dv IAC GA ,
go ahead, commands.
.It "WILL STATUS"
Indicate a willingness to send the client, upon
request, the current status of all
.Tn TELNET
options.
.It "WILL TIMING-MARK"
Whenever a
.Dv DO TIMING-MARK
command is received, it is always responded
to with a
.Dv WILL TIMING-MARK .
.It "WILL LOGOUT"
When a
.Dv DO LOGOUT
is received, a
.Dv WILL LOGOUT
is sent in response, and the
.Tn TELNET
session is shut down.
.It "WILL ENCRYPT"
Only sent if
.Nm
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Pp
.Nm Telnetd
has support for enabling remotely the following
.Tn TELNET
options:
.Bl -tag -width "DO AUTHENTICATION"
.It "DO BINARY"
Sent to indicate that
.Nm
is willing to receive an 8 bit data stream.
.It "DO LFLOW"
Requests that the client handle flow control
characters remotely.
.It "DO ECHO"
This is not really supported, but is sent to identify a
.Bx 4.2
.Xr telnet 1
client, which will improperly respond with
.Dv WILL ECHO .
If a
.Dv WILL ECHO
is received, a
.Dv DONT ECHO
will be sent in response.
.It "DO TERMINAL-TYPE"
Indicate a desire to be able to request the
name of the type of terminal that is attached
to the client side of the connection.
.It "DO SGA"
Indicate that it does not need to receive
.Dv IAC GA ,
the go ahead command.
.It "DO NAWS"
Requests that the client inform the server when
the window (display) size changes.
.It "DO TERMINAL-SPEED"
Indicate a desire to be able to request information
about the speed of the serial line to which
the client is attached.
.It "DO XDISPLOC"
Indicate a desire to be able to request the name
of the X Window System display that is associated with
the telnet client.
.It "DO NEW-ENVIRON"
Indicate a desire to be able to request environment
variable information, as described in RFC 1572.
.It "DO ENVIRON"
Indicate a desire to be able to request environment
variable information, as described in RFC 1408.
.It "DO LINEMODE"
Only sent if
.Nm
is compiled with support for linemode, and
requests that the client do line by line processing.
.It "DO TIMING-MARK"
Only sent if
.Nm
is compiled with support for both linemode and
kludge linemode, and the client responded with
.Dv WONT LINEMODE .
If the client responds with
.Dv WILL TM ,
then it is assumed that the client supports
kludge linemode.
Note that the
.Op Fl k
option can be used to disable this.
.It "DO AUTHENTICATION"
Only sent if
.Nm
is compiled with support for authentication, and
indicates a willingness to receive authentication
information for automatic login.
.It "DO ENCRYPT"
Only sent if
.Nm
is compiled with support for data encryption, and
indicates a willingness to decrypt
the data stream.
.El
.Sh NOTES
By default
.Nm
will read the
.Em \&he ,
.Em \&hn ,
and
.Em \&im
capabilities from
.Pa /etc/gettytab
and use that information (if present) to determine
what to display before the login: prompt.
You can also use a System V style
.Pa /etc/issue
file by using the
.Em \&if
capability, which will override
.Em \&im .
The information specified in either
.Em \&im
or
.Em \&if
will be displayed to both console and remote logins.
.\" .Sh ENVIRONMENT
.Sh FILES
.Bl -tag -width ".Pa /etc/services" -compact
.It Pa /etc/services
.It Pa /etc/gettytab
.It Pa /etc/iptos
(if supported)
.\".It Pa /usr/ucb/bftp
.\"(if supported)
.El
.Sh "SEE ALSO"
.\".Xr bftp 1 ,
.Xr login 1 ,
.Xr telnet 1
(if supported),
.Xr gettytab 5
.Sh STANDARDS
.Bl -tag -compact -width ".Cm RFC 1572"
.It Cm RFC 854
.Tn TELNET
PROTOCOL SPECIFICATION
.It Cm RFC 855
TELNET OPTION SPECIFICATIONS
.It Cm RFC 856
TELNET BINARY TRANSMISSION
.It Cm RFC 857
TELNET ECHO OPTION
.It Cm RFC 858
TELNET SUPPRESS GO AHEAD OPTION
.It Cm RFC 859
TELNET STATUS OPTION
.It Cm RFC 860
TELNET TIMING MARK OPTION
.It Cm RFC 861
TELNET EXTENDED OPTIONS - LIST OPTION
.It Cm RFC 885
TELNET END OF RECORD OPTION
.It Cm RFC 1073
Telnet Window Size Option
.It Cm RFC 1079
Telnet Terminal Speed Option
.It Cm RFC 1091
Telnet Terminal-Type Option
.It Cm RFC 1096
Telnet X Display Location Option
.It Cm RFC 1123
Requirements for Internet Hosts -- Application and Support
.It Cm RFC 1184
Telnet Linemode Option
.It Cm RFC 1372
Telnet Remote Flow Control Option
.It Cm RFC 1416
Telnet Authentication Option
.It Cm RFC 1411
Telnet Authentication: Kerberos Version 4
.It Cm RFC 1412
Telnet Authentication: SPX
.It Cm RFC 1571
Telnet Environment Option Interoperability Issues
.It Cm RFC 1572
Telnet Environment Option
.El
.Sh HISTORY
IPv6 support was added by the WIDE/KAME project.
.Sh BUGS
Some
.Tn TELNET
commands are only partially implemented.
.Pp
Because of bugs in the original
.Bx 4.2
.Xr telnet 1 ,
.Nm
performs some dubious protocol exchanges to try to discover if the remote
client is, in fact, a
.Bx 4.2
.Xr telnet 1 .
.Pp
Binary mode
has no common interpretation except between similar operating systems
(Unix in this case).
.Pp
The terminal type name received from the remote client is converted to
lower case.
.Pp
.Nm Telnetd
never sends
.Tn TELNET
.Dv IAC GA
(go ahead) commands.