1.\" $NetBSD: login.1,v 1.20 2001/04/04 09:37:51 wiz Exp $ 2.\" 3.\" Copyright (c) 1980, 1990, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)login.1 8.2 (Berkeley) 5/5/94 35.\" 36.Dd January 13, 1999 37.Dt LOGIN 1 38.Os 39.Sh NAME 40.Nm login 41.Nd authenticate users and set up their session environment 42.Sh SYNOPSIS 43.Nm 44.Op Fl Ffps 45.Op Fl h Ar hostname 46.Op Ar user 47.Sh DESCRIPTION 48The 49.Nm 50utility logs users (and pseudo-users) into the computer system. 51.Pp 52If no user is specified, or if a user is specified and authentication 53of the user fails, 54.Nm 55prompts for a user name. 56Authentication of users is done via passwords. 57If the user can be authenticated via 58.Tn S/Key , 59then the 60.Tn S/Key 61challenge is incorporated in the password prompt. 62The user then has the option of entering their Kerberos or normal 63password or the 64.Tn S/Key 65response. 66Neither will be echoed. 67.Pp 68The options are as follows: 69.Bl -tag -width Ds 70.It Fl F 71The 72.Fl F 73option acts like the 74.Fl f 75option, but also indicates to \fBlogin\fR 76that it should attempt to rewrite an existing kerberos5 credentials cache 77(specified by the KRB5CCNAME environment variable) after dropping 78permissions to the user logging in. 79.It Fl f 80The 81.Fl f 82option is used when a user name is specified to indicate that proper 83authentication has already been done and that no password need be 84requested. 85This option may only be used by the super-user or when an already 86logged in user is logging in as themselves. 87.It Fl h 88The 89.Fl h 90option specifies the host from which the connection was received. 91It is used by various daemons such as 92.Xr telnetd 8 . 93This option may only be used by the super-user. 94.It Fl p 95By default, 96.Nm 97discards any previous environment. 98The 99.Fl p 100option disables this behavior. 101.It Fl s 102Require a secure authentication mechanism like 103.Tn Kerberos 104or 105.Tn S/Key 106to be used. 107.El 108.Pp 109If a user other than the superuser attempts to login while the file 110.Pa /etc/nologin 111exists, 112.Nm 113displays its contents to the user and exits. 114This is used by 115.Xr shutdown 8 116to prevent normal users from logging in when the system is about to go down. 117.Pp 118Immediately after logging a user in, 119.Nm 120displays the system copyright notice, the date and time the user last 121logged in, the message of the day as well as other information. 122If the file 123.Dq Pa .hushlogin 124exists in the user's home directory, all of these messages are suppressed. 125This is to simplify logins for non-human users, such as 126.Xr uucp 1 . 127.Nm 128then records an entry in the 129.Xr wtmp 5 130and 131.Xr utmp 5 132files, executes site-specific login commands via the 133.Xr ttyaction 3 134facilty with an action of "login", and executes the user's command 135interpreter. 136.Pp 137.Nm 138enters information into the environment (see 139.Xr environ 7 ) 140specifying the user's home directory (HOME), command interpreter (SHELL), 141search path (PATH), terminal type (TERM) and user name (both LOGNAME and 142USER). 143.Pp 144The standard shells, 145.Xr csh 1 146and 147.Xr sh 1 , 148do not fork before executing the 149.Nm 150utility. 151.Sh FILES 152.Bl -tag -width /var/mail/userXXX -compact 153.It Pa /etc/motd 154message-of-the-day 155.It Pa /etc/nologin 156disallows non-superuser logins 157.It Pa /var/run/utmp 158list of current logins 159.It Pa /var/log/lastlog 160last login account records 161.It Pa /var/log/wtmp 162login account records 163.It Pa /var/mail/user 164system mailboxes 165.It Pa \&.hushlogin 166makes login quieter 167.El 168.Sh SEE ALSO 169.Xr chpass 1 , 170.Xr passwd 1 , 171.Xr rlogin 1 , 172.Xr skey 1 , 173.Xr getpass 3 , 174.Xr ttyaction 3 , 175.Xr login.conf 5 , 176.Xr passwd.conf 5 , 177.Xr utmp 5 , 178.Xr environ 7 , 179.Xr kerberos 8 180.Sh HISTORY 181A 182.Nm 183appeared in 184.At v6 . 185.Sh TRADEMARKS AND PATENTS 186.Tn S/Key 187is a trademark of 188.Tn Bellcore . 189