1.\" Copyright (c) 1983, 1989, 1991 The Regents of the University of California. 2.\" All rights reserved. 3.\" 4.\" %sccs.include.redist.man% 5.\" 6.\" @(#)rshd.8 6.11 (Berkeley) 04/20/91 7.\" 8.Dd 9.Dt RSHD 8 10.Os BSD 4.2 11.Sh NAME 12.Nm rshd 13.Nd remote shell server 14.Sh SYNOPSIS 15.Nm rshd 16.Op Fl aln 17.Sh DESCRIPTION 18The 19.Nm rshd 20server 21is the server for the 22.Xr rcmd 3 23routine and, consequently, for the 24.Xr rsh 1 25program. The server provides remote execution facilities 26with authentication based on privileged port numbers from trusted hosts. 27.Pp 28The 29.Nm rshd 30server 31listens for service requests at the port indicated in 32the ``cmd'' service specification; see 33.Xr services 5 . 34When a service request is received the following protocol 35is initiated: 36.Bl -enum 37.It 38The server checks the client's source port. 39If the port is not in the range 512-1023, the server 40aborts the connection. 41.It 42The server reads characters from the socket up 43to a null (`\e0') byte. The resultant string is 44interpreted as an 45.Tn ASCII 46number, base 10. 47.It 48If the number received in step 2 is non-zero, 49it is interpreted as the port number of a secondary 50stream to be used for the 51.Em stderr . 52A second connection is then created to the specified 53port on the client's machine. The source port of this 54second connection is also in the range 512-1023. 55.It 56The server checks the client's source address 57and requests the corresponding host name (see 58.Xr gethostbyaddr 3 , 59.Xr hosts 5 60and 61.Xr named 8 ) . 62If the hostname cannot be determined, 63the dot-notation representation of the host address is used. 64If the hostname is in the same domain as the server (according to 65the last two components of the domain name), 66or if the 67.Fl a 68option is given, 69the addresses for the hostname are requested, 70verifying that the name and address correspond. 71If address verification fails, the connection is aborted 72with the message, ``Host address mismatch.'' 73.It 74A null terminated user name of at most 16 characters 75is retrieved on the initial socket. This user name 76is interpreted as the user identity on the 77.Em client Ns 's 78machine. 79.It 80A null terminated user name of at most 16 characters 81is retrieved on the initial socket. This user name 82is interpreted as a user identity to use on the 83.Sy server Ns 's 84machine. 85.It 86A null terminated command to be passed to a 87shell is retrieved on the initial socket. The length of 88the command is limited by the upper bound on the size of 89the system's argument list. 90.It 91.Nm Rshd 92then validates the user using 93.Xr ruserok 3 , 94which uses the file 95.Pa /etc/hosts.equiv 96and the 97.Pa .rhosts 98file found in the user's home directory. The 99.Fl l 100option prevents 101.Xr ruserok 3 102from doing any validation based on the user's ``.rhosts'' file, 103unless the user is the superuser. 104.It 105A null byte is returned on the initial socket 106and the command line is passed to the normal login 107shell of the user. The 108shell inherits the network connections established 109by 110.Nm rshd . 111.Pp 112Transport-level keepalive messages are enabled unless the 113.Fl n 114option is present. 115The use of keepalive messages allows sessions to be timed out 116if the client crashes or becomes unreachable. 117.El 118.Sh DIAGNOSTICS 119Except for the last one listed below, 120all diagnostic messages 121are returned on the initial socket, 122after which any network connections are closed. 123An error is indicated by a leading byte with a value of 1241 (0 is returned in step 9 above upon successful completion 125of all the steps prior to the execution of the login shell). 126.Bl -tag -width indent 127.It Sy Locuser too long. 128The name of the user on the client's machine is 129longer than 16 characters. 130.It Sy Ruser too long. 131The name of the user on the remote machine is 132longer than 16 characters. 133.It Sy Command too long . 134The command line passed exceeds the size of the argument 135list (as configured into the system). 136.It Sy Login incorrect. 137No password file entry for the user name existed. 138.It Sy Remote directory. 139The 140.Xr chdir 141command to the home directory failed. 142.It Sy Permission denied. 143The authentication procedure described above failed. 144.It Sy Can't make pipe. 145The pipe needed for the 146.Em stderr , 147wasn't created. 148.It Sy Can't fork; try again. 149A 150.Xr fork 151by the server failed. 152.It Sy <shellname>: ... 153The user's login shell could not be started. This message is returned 154on the connection associated with the 155.Em stderr , 156and is not preceded by a flag byte. 157.El 158.Sh SEE ALSO 159.Xr rsh 1 , 160.Xr rcmd 3 , 161.Xr ruserok 3 162.Sh BUGS 163The authentication procedure used here assumes the integrity 164of each client machine and the connecting medium. This is 165insecure, but is useful in an ``open'' environment. 166.Pp 167A facility to allow all data exchanges to be encrypted should be 168present. 169.Pp 170A more extensible protocol (such as Telnet) should be used. 171