1.\" $NetBSD: rshd.8,v 1.12 2002/02/08 01:30:08 ross Exp $ 2.\" 3.\" Copyright (c) 1983, 1989, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 
33.\" 34.\" from: @(#)rshd.8 8.1 (Berkeley) 6/4/93 35.\" 36.Dd January 22, 2000 37.Dt RSHD 8 38.Os 39.Sh NAME 40.Nm rshd 41.Nd remote shell server 42.Sh SYNOPSIS 43.Nm 44.Op Fl alnL 45.Sh DESCRIPTION 46The 47.Nm 48server 49is the server for the 50.Xr rcmd 3 51routine and, consequently, for the 52.Xr rsh 1 53program. The server provides remote execution facilities 54with authentication based on privileged port numbers from trusted hosts. 55.Pp 56The 57.Nm 58server 59listens for service requests at the port indicated in 60the ``cmd'' service specification; see 61.Xr services 5 . 62When a service request is received the following protocol 63is initiated: 64.Bl -enum 65.It 66The server checks the client's source port. 67If the port is not in the range 512-1023, the server 68aborts the connection. 69.It 70The server reads characters from the socket up 71to a null (`\e0') byte. The resultant string is 72interpreted as an 73.Tn ASCII 74number, base 10. 75.It 76If the number received in step 2 is non-zero, 77it is interpreted as the port number of a secondary 78stream to be used for the 79.Em stderr . 80A second connection is then created to the specified 81port on the client's machine. The source port of this 82second connection is also in the range 512-1023. 83.It 84The server checks the client's source address 85and requests the corresponding host name (see 86.Xr gethostbyaddr 3 , 87.Xr hosts 5 88and 89.Xr named 8 ) . 90If the hostname cannot be determined, 91the dot-notation representation of the host address is used. 92If the hostname is in the same domain as the server (according to 93the last two components of the domain name), 94or if the 95.Fl a 96option is given, 97the addresses for the hostname are requested, 98verifying that the name and address correspond. 
99If address verification fails, the connection is aborted 100with the message, ``Host address mismatch.'' 101.It 102A null terminated user name of at most 16 characters 103is retrieved on the initial socket. This user name 104is interpreted as the user identity on the 105.Em client Ns 's 106machine. 107.It 108A null terminated user name of at most 16 characters 109is retrieved on the initial socket. This user name 110is interpreted as a user identity to use on the 111.Sy server Ns 's 112machine. 113.It 114A null terminated command to be passed to a 115shell is retrieved on the initial socket. The length of 116the command is limited by the upper bound on the size of 117the system's argument list. 118.It 119.Nm 120then validates the user using 121.Xr ruserok 3 , 122which uses the file 123.Pa /etc/hosts.equiv 124and the 125.Pa .rhosts 126file found in the user's home directory. The 127.Fl l 128option prevents 129.Xr ruserok 3 130from doing any validation based on the user's ``.rhosts'' file, 131unless the user is the superuser. 132.It 133If the file 134.Pa /etc/nologin 135exists and the user is not the superuser, 136the connection is closed. 137.It 138A null byte is returned on the initial socket 139and the command line is passed to the normal login 140shell of the user. The 141shell inherits the network connections established 142by 143.Nm "" . 144.El 145.Pp 146Transport-level keepalive messages are enabled unless the 147.Fl n 148option is present. 149The use of keepalive messages allows sessions to be timed out 150if the client crashes or becomes unreachable. 151.Pp 152The 153.Fl L 154option causes all successful accesses to be logged to 155.Xr syslogd 8 156as 157.Li auth.info 158messages. 159.Sh DIAGNOSTICS 160Except for the last one listed below, 161all diagnostic messages 162are returned on the initial socket, 163after which any network connections are closed. 
164An error is indicated by a leading byte with a value of 1651 (0 is returned in step 10 above upon successful completion 166of all the steps prior to the execution of the login shell). 167.Bl -tag -width indent 168.It Sy Locuser too long. 169The name of the user on the client's machine is 170longer than 16 characters. 171.It Sy Ruser too long. 172The name of the user on the remote machine is 173longer than 16 characters. 174.It Sy Command too long . 175The command line passed exceeds the size of the argument 176list (as configured into the system). 177.It Sy Login incorrect. 178No password file entry for the user name existed. 179.It Sy Remote directory. 180The 181.Xr chdir 2 182to the home directory failed. 183.It Sy Permission denied. 184The authentication procedure described above failed. 185.It Sy Can't make pipe. 186The pipe needed for the 187.Em stderr , 188wasn't created. 189.It Sy Can't fork; try again. 190A 191.Xr fork 2 192by the server failed. 193.It Sy \*[Lt]shellname\*[Gt]: ... 194The user's login shell could not be started. This message is returned 195on the connection associated with the 196.Em stderr , 197and is not preceded by a flag byte. 198.El 199.Sh SEE ALSO 200.Xr rsh 1 , 201.Xr rcmd 3 , 202.Xr ruserok 3 , 203.Xr login.conf 5 204.Sh BUGS 205The authentication procedure used here assumes the integrity 206of each client machine and the connecting medium. This is 207insecure, but is useful in an ``open'' environment. 208.Pp 209A facility to allow all data exchanges to be encrypted should be 210present. 211.Pp 212A more extensible protocol (such as Telnet) should be used. 213.Pp 214.Nm 215intentionally rejects accesses from IPv4 mapped address on top of 216.Dv AF_INET6 217socket, since IPv4 mapped address complicates host-address based 218authentication. 219If you would like to accept connections from IPv4 peers, you will need to run 220.Nm 221on top of 222.Dv AF_INET 223socket, not 224.Dv AF_INET6 225socket. 226
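The request format described in steps 1, 2, 5, 6 and 7 of the DESCRIPTION section, and the fixed limits behind the "Locuser too long.", "Ruser too long." and "Command too long." diagnostics, as an added C example that is not part of the NetBSD rshd sources or of this manual page: a stand-alone parser for a request buffer as it would arrive on the initial socket, applying the privileged-source-port check, the ASCII base-10 stderr port, the 16-character user-name bound and a command-length bound, and mapping each failure to the diagnostic text the page lists. All names, the RSH_CMDMAX stand-in for the system's argument-list bound, the outcomes for malformed or truncated requests (which the page does not enumerate) and the sample request are assumptions made for this illustration.

```c
/* Added example (not from the NetBSD rshd sources): parse one rsh request
 * as rshd(8) describes it.  Names, RSH_CMDMAX, the non-DIAGNOSTICS outcomes
 * and the sample request are assumptions made for this illustration. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define RSH_NAMEMAX 16    /* user names are at most 16 characters (steps 5, 6) */
#define RSH_CMDMAX  4096  /* assumed stand-in for the argument-list bound (step 7) */

enum rsh_err {
    RSH_OK = 0,
    RSH_BAD_SRCPORT,       /* step 1: client source port outside 512-1023 */
    RSH_BAD_STDERRPORT,    /* step 2: port field is not a decimal number (assumed) */
    RSH_TRUNCATED,         /* buffer ended before all four fields arrived (assumed) */
    RSH_LOCUSER_TOO_LONG,  /* DIAGNOSTICS: Locuser too long. */
    RSH_RUSER_TOO_LONG,    /* DIAGNOSTICS: Ruser too long. */
    RSH_COMMAND_TOO_LONG   /* DIAGNOSTICS: Command too long. */
};

struct rsh_request {
    int  stderr_port;               /* 0: no secondary stderr stream (step 3 skipped) */
    char locuser[RSH_NAMEMAX + 1];  /* identity on the client's machine */
    char ruser[RSH_NAMEMAX + 1];    /* identity to use on the server's machine */
    char command[RSH_CMDMAX + 1];   /* command line handed to the login shell */
};

/* Copy one NUL-terminated field from buf[*off, len) into out, refusing fields
 * longer than maxlen.  0 on success, -1 if no NUL before end, -2 if too long. */
static int take_field(const unsigned char *buf, size_t len, size_t *off,
                      char *out, size_t maxlen)
{
    size_t start = *off, i = start;

    while (i < len && buf[i] != '\0')
        i++;
    if (i == len)
        return -1;
    if (i - start > maxlen)
        return -2;
    memcpy(out, buf + start, i - start);
    out[i - start] = '\0';
    *off = i + 1;                   /* step past the terminating NUL */
    return 0;
}

enum rsh_err rsh_parse_request(int src_port, const unsigned char *buf,
                               size_t len, struct rsh_request *req)
{
    char portbuf[6];                /* up to five decimal digits plus NUL */
    char *end;
    long port;
    size_t off = 0;
    int rc;

    memset(req, 0, sizeof *req);

    /* Step 1: the request must come from a privileged source port. */
    if (src_port < 512 || src_port > 1023)
        return RSH_BAD_SRCPORT;

    /* Step 2: ASCII base-10 port number for stderr, read up to a NUL. */
    rc = take_field(buf, len, &off, portbuf, sizeof portbuf - 1);
    if (rc)
        return rc == -1 ? RSH_TRUNCATED : RSH_BAD_STDERRPORT;
    port = strtol(portbuf, &end, 10);
    if (*end != '\0' || port < 0 || port > 65535)
        return RSH_BAD_STDERRPORT;
    req->stderr_port = (int)port;   /* non-zero would trigger step 3 */

    /* Steps 5 and 6: client-side and server-side user names, 16 chars at most. */
    rc = take_field(buf, len, &off, req->locuser, RSH_NAMEMAX);
    if (rc)
        return rc == -1 ? RSH_TRUNCATED : RSH_LOCUSER_TOO_LONG;
    rc = take_field(buf, len, &off, req->ruser, RSH_NAMEMAX);
    if (rc)
        return rc == -1 ? RSH_TRUNCATED : RSH_RUSER_TOO_LONG;

    /* Step 7: the command line, bounded by the argument-list size. */
    rc = take_field(buf, len, &off, req->command, RSH_CMDMAX);
    if (rc)
        return rc == -1 ? RSH_TRUNCATED : RSH_COMMAND_TOO_LONG;
    return RSH_OK;
}

/* Text sent after the leading error byte (value 1), per DIAGNOSTICS. */
const char *rsh_diagnostic(enum rsh_err e)
{
    switch (e) {
    case RSH_OK:               return "";
    case RSH_LOCUSER_TOO_LONG: return "Locuser too long.";
    case RSH_RUSER_TOO_LONG:   return "Ruser too long.";
    case RSH_COMMAND_TOO_LONG: return "Command too long.";
    default:                   return "(connection aborted, no message)";
    }
}

int main(void)
{
    /* Constructed sample: stderr port 1022, user alice on both sides, "ls -l". */
    static const unsigned char sample[] = "1022\0alice\0alice\0ls -l\0";
    struct rsh_request req;
    enum rsh_err e = rsh_parse_request(1000, sample, sizeof sample - 1, &req);

    if (e == RSH_OK)
        printf("stderr port %d, locuser %s, ruser %s, command \"%s\"\n",
               req.stderr_port, req.locuser, req.ruser, req.command);
    else
        printf("error byte 1, message: %s\n", rsh_diagnostic(e));
    return e == RSH_OK ? 0 : 1;
}
```

The parser takes the whole request as a buffer so it can be exercised offline; a daemon would instead read the socket byte by byte up to each NUL, as step 2 describes, and would take the command bound from the system's argument-list limit rather than a constant. Note that nothing in these fields is authenticated: the privileged source port and the later ruserok(3) host check are the only controls, which is the weakness the BUGS section records.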