Options supported by :
.rhosts
''
file, unless the user is logging in as the superuser.
auth.info
messages.
rlogind listens for service requests at the port indicated in the ``login'' service specification; see services(5). When a service request is received the following protocol is initiated:
Once the source port and address have been checked, rlogind proceeds with the authentication process described in rshd(8). It then allocates a pseudo terminal (see pty(4)), and manipulates file descriptors so that the slave half of the pseudo terminal becomes the stdin, stdout, and stderr for a login process. The login process is an instance of the login(1) program, invoked with the -f option if authentication has succeeded. If automatic authentication fails, the user is prompted to log in as if on a standard terminal line.
The parent of the login process manipulates the master side of
the pseudo terminal, operating as an intermediary
between the login process and the client instance of the
rlogin(1)
program.
In normal operation, the packet protocol described in
pty(4)
is invoked to provide
`^S/^Q'
type facilities and propagate
interrupt signals to the remote programs.
The login process propagates the client terminal's baud rate and
terminal type, as found in the environment variable,
`TERM
';
see
environ(7).
The screen or window size of the terminal is requested from the client,
and window size changes from the client are propagated to the pseudo terminal.
Transport-level keepalive messages are enabled unless the -n option is present. The use of keepalive messages allows sessions to be timed out if the client crashes or becomes unreachable.
At the end of a login session, rlogind invokes the ttyaction(3) facility with an action of "rlogind" and user "root" to execute site-specific commands.
A facility to allow all data exchanges to be encrypted should be present.
A more extensible protocol should be used.
rlogind
intentionally rejects accesses from IPv4 mapped address on top of
AF_INET6
socket, since IPv4 mapped address complicates host-address based
authentication.
If you would like to accept connections from IPv4 peers, you will need to run
rlogind
on top of
AF_INET
socket, not
AF_INET6
socket.