Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ remshd(1M) — A/UX 2.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

remsh(1N)

inetd(1M)

rcmd(3N)




remshd(1M) remshd(1M)
NAME remshd - remote shell server SYNOPSIS /etc/in.remshd host.port DESCRIPTION remshd is the server for the rcmd(3N) routine and, conse- quently, for remsh(1N). remshd is started by inetd, see inetd(1M). The server provides remote execution facilities with authentication based on privileged port numbers. remshd listens for service requests at the port indicated in the cmd service specification; see services(4N). When remshd receives a service request, it initiates the follow- ing protocol: 1. remshd checks the client's source port. If the port is not in the range 0-1023, it aborts the connection. The client's host address (in hex) and port number (in de- cimal) are the arguments passed to remshd. 2. remshd reads characters from the socket up to a null (``\0'') byte. It interprets the resultant string as an ASCII number, base 10. 3. If remshd receives a port number (in step 1) which is non-zero, it interprets it as the port number of a secon- dary stream to use for the stderr. It then creates a second connection to the specified port on the client's machine. The source port of this second connection is also in the range 0-1023. 4. remshd checks the client's source address. If the ad- dress is associated with a host which has no correspond- ing entry in the host name data base (see hosts(4N)), remshd aborts the connection. 5. remshd retrieves a null-terminated user name up to 16 characters long on the initial socket. It interprets this user name as a user identity to use on the server's machine. 6. remshd retrieves a null-terminated user name up to 16 characters long on the initial socket. It interprets this user name as the user identity on the client's machine. 7. remshd retrieves a null-terminated command on the initial socket to passed to a shell. The length of the command is limited by the size of the system's argument list. 8. remshd validates the user according to the following April, 1990 1



remshd(1M) remshd(1M)
steps. It looks up the remote user name in the password file and performs a chdir to the user's home directory. If either the lookup or chdir fail, it terminates the connection. If the user is not the superuser, (user ID 0), it consults the file /etc/hosts.equiv for a list of ``equivalent'' hosts. If the client's host name is in this file, the authentication is considered successful. If the lookup fails, or the user is the superuser, it checks the file .rhosts in the home directory of the re- mote user for the machine name and identity of the user on the client's machine. If this lookup fails, it ter- minates the connection. 9. remshd returns a null byte on the connection associated with the stderr and passes the command line to the normal login shell of the user. The shell inherits the network connections established by remshd. DIAGNOSTICS remshd returns all diagnostic messages on the connection as- sociated with the stderr, after which it closes any network connections. It indicates an error by a leading byte with a value of 1 (it returns 0 in step 9 above if it has success- fully completed all the steps up to command execution). locuser too long The name of the user on the client's machine is longer than 16 characters. remuser too long The name of the user on the remote machine is longer than 16 characters. command too long The command line passed exceeds the size of the argument list (as configured into the system). Hostname for your address unknown. There is no entry in the host name database for the client's machine. Login incorrect. There is no password file entry for the user name. No remote directory. The chdir command to the home directory failed. Permission denied. The authentication procedure described above failed. Can't make pipe. The pipe needed for the stderr, wasn't created. 2 April, 1990



remshd(1M) remshd(1M)
Try again. A fork by the server failed. /bin/sh: ... Could not start the user's login shell. FILES /etc/in.remshd SEE ALSO remsh(1N), inetd(1M), rcmd(3N). BUGS The authentication procedure used here assumes the integrity of each client machine and the connecting medium. This is insecure, but is useful in an ``open'' environment. There should be a facility allowing all data exchanges to be encrypted. April, 1990 3

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026