1.\" Copyright (c) 1983, 1990 The Regents of the University of California. 2.\" All rights reserved. 3.\" 4.\" %sccs.include.redist.roff% 5.\" 6.\" @(#)rlogin.1 6.19 (Berkeley) 07/27/91 7.\" 8.Dd 9.Dt RLOGIN 1 10.Os BSD 4.2 11.Sh NAME 12.Nm rlogin 13.Nd remote login 14.Sh SYNOPSIS 15.Ar rlogin 16.Op Fl 8EKLdx 17.Op Fl e Ar char 18.Op Fl k Ar realm 19.Op Fl l Ar username 20.Ar host 21.Sh DESCRIPTION 22.Nm Rlogin 23starts a terminal session on a remote host 24.Ar host . 25.Pp 26.Nm Rlogin 27first attempts to use the Kerberos authorization mechanism, described below. 28If the remote host does not supporting Kerberos the standard Berkeley 29.Pa rhosts 30authorization mechanism is used. 31The options are as follows: 32.Bl -tag -width flag 33.It Fl 8 34The 35.Fl 8 36option allows an eight-bit input data path at all times; otherwise 37parity bits are stripped except when the remote side's stop and start 38characters are other than 39^S/^Q . 40.It Fl E 41The 42.Fl E 43option stops any character from being recognized as an escape character. 44When used with the 45.Fl 8 46option, this provides a completely transparent connection. 47.It Fl K 48The 49.Fl K 50option turns off all Kerberos authentication. 51.It Fl L 52The 53.Fl L 54option allows the rlogin session to be run in ``litout'' (see 55.Xr tty 4 ) 56mode. 57.It Fl d 58The 59.Fl d 60option turns on socket debugging (see 61.Xr setsockopt 2 ) 62on the TCP sockets used for communication with the remote host. 63.It Fl e 64The 65.Fl e 66option allows user specification of the escape character, which is 67``~'' by default. 68This specification may be as a literal character, or as an octal 69value in the form \ennn. 70.It Fl k 71The 72.FL k 73option requests rlogin to obtain tickets for the remote host 74in realm 75.Ar realm 76instead of the remote host's realm as determined by 77.Xr krb_realmofhost 3 . 78.It Fl x 79The 80.Fl x 81option turns on 82.Tn DES 83encryption for all data passed via the 84rlogin session. 85This may impact response time and 86.Tn CPU 87utilization, but provides 88increased security. 89.El 90.Pp 91A line of the form ``<escape char>.'' disconnects from the remote host. 92Similarly, the line ``<escape char>^Z'' will suspend the 93.Nm rlogin 94session, and ``<escape char><delayed-suspend char>'' suspends the 95send portion of the rlogin, but allows output from the remote system. 96By default, the tilde (``~'') character is the escape character, and 97normally control-Y (``^Y'') is the delayed-suspend character. 98.Pp 99All echoing takes place at the remote site, so that (except for delays) 100the 101.Nm rlogin 102is transparent. 103Flow control via ^S/^Q and flushing of input and output on interrupts 104are handled properly. 105.Sh KERBEROS AUTHENTICATION 106Each user may have a private authorization list in the file 107.Pa .klogin 108in their home directory. 109Each line in this file should contain a Kerberos principal name of the 110form 111.Ar principal.instance@realm . 112If the originating user is authenticated to one of the principals named 113in 114.Pa .klogin , 115access is granted to the account. 116The principal 117.Ar accountname.@localrealm 118is granted access if 119there is no 120.Pa .klogin 121file. 122Otherwise a login and password will be prompted for on the remote machine 123as in 124.Xr login 1 . 125To avoid certain security problems, the 126.Pa .klogin 127file must be owned by 128the remote user. 129.Pp 130If Kerberos authentication fails, a warning message is printed and the 131standard Berkeley 132.Nm rlogin 133is used instead. 134.Sh ENVIRONMENT 135The following environment variable is utilized by 136.Nm rlogin : 137.Bl -tag -width TERM 138.It Ev TERM 139Determines the user's terminal type. 140.El 141.Sh SEE ALSO 142.Xr rsh 1 , 143.Xr kerberos 3 , 144.Xr krb_sendauth 3 , 145.Xr krb_realmofhost 3 146.Sh HISTORY 147The 148.Nm rlogin 149command appeared in 150.Bx 4.2 . 151.Sh BUGS 152.Nm Rlogin 153will be replaced by 154.Xr telnet 1 155in the near future. 156.Pp 157More of the environment should be propagated. 158