P. 1
Linux Certification Bible

Linux Certification Bible

4.0

|Views: 2.327|Likes:
Publicado porMarcelo

More info:

Published by: Marcelo on Dec 18, 2008
Direitos Autorais:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

01/17/2013

pdf

text

original

Remote login (rlogin) is a utility that allows an authorized user to log in to other
Linux or UNIX machines on a network and perform tasks as if the user were physi-
cally located at the remote (often called the host) computer. The rloginprogram
uses the terminal type description from the local system and uses it on the remote
system. The rloginprogram uses rhostauthorization method to provide security.
The rhost authorization uses the combination of the hosts.equiv and .rhosts files to
authenticate users. These files are used to list hosts and users, which are allowed
by the local system (the system being accessed) to make a connection via rlogin
and SSH. These files use the format of hostname [username]. The hostname uses
the FQDN or address, +@netgroup, or the + wildcard, which allow all hosts for this
field. The username may use the user name on the remote system, the +@netgroup,
or the + wildcard, which allows all users for this field or have no entry at all. To cre-
ate a connection to a system with rlogin, use the command switches in Table 7-5.

Table 7-5

rlogin Client Switches

Switch

Description

Example

-D

This enables socket debugging on the TCP sockets

-D

used for communication.

-E

Used to stop any character from being recognized

-E

as an escape character.

-e

Used to specify the character to be used as the

-e character

escape character.

-l

Used to specify an alternate user name for the

-l username

remote login.

-t

Used to change from the default terminal type, ansi,

-t dumb or ansi

and use the only other available terminal type, dumb.

-8

The -8 option allows an eight-bit input data path at

-8

all times.

-K

This turns off all Kerberos authentication if available.

-K

-L

Used to allow the rloginsession to be run in litout

-L

mode, see tty4 for more information.

114881-6 ch07.F 11/12/01 8:30 AM Page 246

247

Chapter 7 ✦Configuring Networking

Switch

Description

Example

-k

This requests rloginto obtain tickets for the .

-k

remote host-in-realm realm instead of the remote
hosts realm as determined by krb_realmofhost

-x

The -x option turns on DES encryption for all data

-x

passed via the rloginsession.

The rlogincommand is not much use without the server side service running on
the remote system. To provide this feature, the rloginprogram requires the
rlogind. The rloginddaemon is the server for rloginand provides the authenti-
cation for connections. The server checks the remote system’s source TCP/IP port
and if it isn’t in the range 512-1023, the server aborts the connection. Then the
server checks the remote system source address and hostname. After this is com-
pleted, authentication takes place. The rloginddaemon is usually located at
/usr/sbin/rlogindand is normally started with the inetd. Luckily, the rlogind
daemon is started by the inetd by default. The inetd daemon listens for connections
on certain Internet sockets in the /etc/inetd.conf and initiates the appropriate
daemon.

The rlogincommand and rlogind daemon are used to provide remote access to a
system, however it has some issues with security, as some earlier versions allowed
root access by mistake. Also, rlogincan only be used to connect UNIX, UNIX-like,
and Microsoft systems.

You're Reading a Free Preview

Descarregar
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->