1.\" Copyright (c) 1983, 1990 The Regents of the University of California. 2.\" All rights reserved. 3.\" 4.\" %sccs.include.redist.man% 5.\" 6.\" @(#)rlogin.1 6.18 (Berkeley) 03/14/91 7.\" 8.Vx 9.Vx 10.Dd 11.Dt RLOGIN 1 12.Os BSD 4.2 13.Sh NAME 14.Nm rlogin 15.Nd remote login 16.Sh SYNOPSIS 17.Ar rlogin 18.Op Fl 8EKLdx 19.Op Fl e Ar char 20.Op Fl k Ar realm 21.Op Fl l Ar username 22.Ar host 23.Sh DESCRIPTION 24.Nm Rlogin 25starts a terminal session on a remote host 26.Ar host . 27.Pp 28.Nm Rlogin 29first attempts to use the Kerberos authorization mechanism, described below. 30If the remote host does not supporting Kerberos the standard Berkeley 31.Pa rhosts 32authorization mechanism is used. 33The options are as follows: 34.Tw Fl 35.Tp Fl 8 36The 37.Fl 8 38option allows an eight-bit input data path at all times; otherwise 39parity bits are stripped except when the remote side's stop and start 40characters are other than ^S/^Q. 41.Tp Fl E 42The 43.Fl E 44option stops any character from being recognized as an escape character. 45When used with the 46.Fl 8 47option, this provides a completely transparent connection. 48.Tp Fl K 49The 50.Fl K 51option turns off all Kerberos authentication. 52.Tp Fl L 53The 54.Fl L 55option allows the rlogin session to be run in ``litout'' (see 56.Xr tty 4 ) 57mode. 58.Tp Fl d 59The 60.Fl d 61option turns on socket debugging (see 62.Xr setsockopt 2 ) 63on the TCP sockets used for communication with the remote host. 64.Tp Fl e 65The 66.Fl e 67option allows user specification of the escape character, which is 68``~'' by default. 69This specification may be as a literal character, or as an octal 70value in the form \ennn. 71.Tp Fl k 72The 73.FL k 74option requests rlogin to obtain tickets for the remote host 75in realm 76.Ar realm 77instead of the remote host's realm as determined by 78.Xr krb_realmofhost 3 . 79.Tp Fl x 80The 81.Fl x 82option turns on DES encryption for all data passed via the 83rlogin session. 84This may impact response time and CPU utilization, but provides 85increased security. 86.Tp 87.Pp 88A line of the form ``<escape char>.'' disconnects from the remote host. 89Similarly, the line ``<escape char>^Z'' will suspend the 90.Nm rlogin 91session, and ``<escape char><delayed-suspend char>'' suspends the 92send portion of the rlogin, but allows output from the remote system. 93By default, the tilde (``~'') character is the escape character, and 94normally control-Y (``^Y'') is the delayed-suspend character. 95.Pp 96All echoing takes place at the remote site, so that (except for delays) 97the 98.Nm rlogin 99is transparent. 100Flow control via ^S/^Q and flushing of input and output on interrupts 101are handled properly. 102.Sh KERBEROS AUTHENTICATION 103Each user may have a private authorization list in the file 104.Pa .klogin 105in their home directory. 106Each line in this file should contain a Kerberos principal name of the 107form 108.Ar principal.instance@realm . 109If the originating user is authenticated to one of the principals named 110in 111.Pa .klogin , 112access is granted to the account. 113The principal 114.Ar accountname.@localrealm 115is granted access if 116there is no 117.Pa .klogin 118file. 119Otherwise a login and password will be prompted for on the remote machine 120as in 121.Xr login 1 . 122To avoid certain security problems, the 123.Pa .klogin 124file must be owned by 125the remote user. 126.Pp 127If Kerberos authentication fails, a warning message is printed and the 128standard Berkeley 129.Em rlogin 130is used instead. 131.Sh ENVIRONMENT 132The following environment variable is utilized by 133.Nm rlogin : 134.Tw Fl 135.Tp Ev TERM 136to find user's terminal type. 137.Tp 138.Sh SEE ALSO 139.Xr rsh 1 , 140.Xr kerberos 3 , 141.Xr krb_sendauth 3 , 142.Xr krb_realmofhost 3 143.Sh HISTORY 144.Nm Rlogin 145appeared in 4.2 BSD. 146.Sh BUGS 147.Nm Rlogin 148will be replaced by 149.Xr telnet 1 150in the near future. 151.Pp 152More of the environment should be propagated. 153