rexecd(1M) rexecd(1M)
NAME
rexecd - remote execution server
SYNOPSIS
/etc/rexecd
DESCRIPTION
rexecd is the server for the rexec(3N) routine. The server
provides remote execution facilities with authentication
based on user names and encrypted passwords.
rexecd listens for service requests at the port indicated in
the exec service specification; see services(4N). When it
receives a service request, it initiates the following
protocol:
1. The server reads characters from the socket up to a null
(`\0') byte. It interprets the resultant string as an
ASCII number, base 10.
2. If rexecd receives a number (in step 1) which is non-
zero, it interprets it as the port number of a secondary
stream to use for the stderr. It then creates a second
connection to the specified port on the client's machine.
3. rexecd retrieves a null-terminated user name up to 16
characters long on the initial socket.
4. rexecd retrieves a null-terminated, encrypted, password
up to 16 characters long on the initial socket.
5. rexecd retrieves a null-terminated command on the initial
socket to pass to a shell. The command length is limited
by the size of the system's argument list.
6. rexecd validates the user as is done at login time. If
the user is authenticated, it changes to the user's home
directory, and establishes user and group protections.
If any of these steps fail, rexecd aborts the connection
aborted and returns a diagnostic message.
7. rexecd returns a null byte on the connection associated
with the stderr and passes the command line to the normal
login shell of the user. The shell inherits the network
connections established by rexecd.
DIAGNOSTICS
rexecd returns all diagnostic messages on the connection
associated with the stderr, after which it closes any
network connections. It indicates an error by a leading
byte with a value of 1 (it returns 0 in step 7 above if it
has successfully completed all the steps up to command
Page 1 (last mod. 1/15/87)
rexecd(1M) rexecd(1M)
execution).
username too long
The name is longer than 16 characters.
password too long
The password is longer than 16 characters.
command too long
The command line passed exceeds the size of the argument
list (as configured into the system).
Login incorrect.
There is no password file entry for the user name.
Password incorrect.
You supplied the wrong password.
No remote directory.
The chdir command to the home directory failed.
Try again.
A fork by the server failed.
/bin/sh: ...
Could not start the user's login shell.
FILES
/etc/rexecd
BUGS
Indicating Login incorrect instead of Password incorrect is
a security breach which allows people to probe a system for
users with null passwords.
There should be a facility allowing all data exchanges to be
encrypted.
Page 2 (last mod. 1/15/87)