NAME
login
- authenticate users and set up their session environment
SYNOPSIS
login
[-Ffps]
[-a address]
[-h hostname]
[user]
DESCRIPTION
The
login
utility logs users (and pseudo-users) into the computer system.
If no user is specified, or if a user is specified and authentication
of the user fails,
login
prompts for a user name.
Authentication of users is done via passwords.
If the user can be authenticated via
S/Key,
then the
S/Key
challenge is incorporated in the password prompt.
The user then has the option of entering their Kerberos or normal
password or the
S/Key
response.
Neither will be echoed.
The options are as follows:
- -a
-
The
-a
option specifies the address of the host from which the connection was received.
It is used by various daemons such as
telnetd(8).
This option may only be used by the super-user.
- -F
-
The
-F
option acts like the
-f
option, but also indicates to
login(1)
that it should attempt to rewrite an existing kerberos5 credentials cache
(specified by the KRB5CCNAME environment variable) after dropping
permissions to the user logging in.
This flag is not supported under
pam(8).
- -f
-
The
-f
option is used when a user name is specified to indicate that proper
authentication has already been done and that no password need be
requested.
This option may only be used by the super-user or when an already
logged in user is logging in as themselves.
- -h
-
The
-h
option specifies the host from which the connection was received.
It is used by various daemons such as
telnetd(8).
This option may only be used by the super-user.
- -p
-
By default,
login
discards any previous environment.
The
-p
option disables this behavior.
- -s
-
Require a secure authentication mechanism like
Kerberos
or
S/Key
to be used.
This flag is not supported under
pam(8).
If a user other than the superuser attempts to login while the file
/etc/nologin
exists,
login
displays its contents to the user and exits.
This is used by
shutdown(8)
to prevent normal users from logging in when the system is about to go down.
Immediately after logging a user in,
login
displays the system copyright notice, the date and time the user last
logged in, the message of the day as well as other information.
If the file
``
.hushlogin
''
exists in the user's home directory, all of these messages are suppressed.
This is to simplify logins for non-human users, such as
uucp(1).
login
then records an entry in the
wtmp(5)
and
utmp(5)
files, executes site-specific login commands via the
ttyaction(3)
facility with an action of "login", and executes the user's command
interpreter.
login
enters information into the environment (see
environ(7))
specifying the user's home directory (HOME), command interpreter (SHELL),
search path (PATH), terminal type (TERM) and user name (both LOGNAME and
USER).
The standard shells,
csh(1)
and
sh(1),
do not fork before executing the
login
utility.
FILES
/etc/motd
-
message-of-the-day
/etc/nologin
-
disallows non-superuser logins
/var/run/utmp
-
list of current logins
/var/log/lastlog
-
last login account records
/var/log/wtmp
-
login account records
/var/mail/user
-
system mailboxes
.hushlogin
-
makes login quieter
SEE ALSO
chpass(1),
passwd(1),
rlogin(1),
skey(1),
getpass(3),
ttyaction(3),
login.conf(5),
passwd.conf(5),
utmp(5),
environ(7),
kerberos(8),
pam(8)
HISTORY
A
login
appeared in
Version 6 AT&T UNIX
.
TRADEMARKS AND PATENTS
S/Key
is a trademark of
Bellcore.