[1mSYNOPSIS[0m
[1mrlogin [4m[22mrhost[24m [[1m-e[4m[22mc[24m] [[1m-8[22m] [[1m-c[22m] [ [1m-a[22m] [[1m-f[22m] [[1m-F[22m] [[1m-t [4m[22mtermtype[24m] [[1m-n[22m] [[1m-7[22m]
[[1m-PN | -PO[22m] [[1m-d[22m] [[1m-k [4m[22mrealm[24m] [[1m-x[22m] [[1m-L[22m] [[1m-l [4m[22musername[24m]
[1mDESCRIPTION[0m
[4mRlogin[24m connects your terminal on the current local host system [4mlhost[24m to
the remote host system [4mrhost.[0m
The version built to use Kerberos authentication is very similar to the
standard Berkeley rlogin(1), except that instead of the [4mrhosts[24m mecha-
nism, it uses Kerberos authentication to determine the authorization to
use a remote account.
Each user may have a private authorization list in a file .k5login in
his login directory. Each line in this file should contain a Kerberos
principal name of the form [4mprincipal/instance@realm[24m. If the originat-
ing user is authenticated to one of the principals named in .k5login,
access is granted to the account. If there is no /.k5login file, the
principal will be granted access to the account according to the
aname->lname mapping rules. (See [4mkrb5_anadd(8)[24m for more details.)
Otherwise a login and password will be prompted for on the remote
machine as in [4mlogin[24m(1). To avoid some security problems, the .k5login
file must be owned by the remote user.
If there is some problem in marshaling the Kerberos authentication
information, an error message is printed and the standard UCB rlogin is
executed in place of the Kerberos rlogin.
A line of the form ``~.'' disconnects from the remote host, where ``~''
is the escape character. Similarly, the line ``~^Z'' (where ^Z, con-
trol-Z, is the suspend character) will suspend the rlogin session.
Substitution of the delayed-suspend character (normally ^Y) for the
suspend character suspends the send portion of the rlogin, but allows
output from the remote system.
The remote terminal type is the same as your local terminal type (as
given in your environment TERM variable), unless the [1m-t [22moption is spec-
ified (see below). The terminal or window size is also copied to the
remote system if the server supports the option, and changes in size
are reflected as well.
All echoing takes place at the remote site, so that (except for delays)
the rlogin is transparent. Flow control via ^S and ^Q and flushing of
input and output on interrupts are handled properly.
[1mOPTIONS[0m
[1m-8 [22mallows an eight-bit input data path at all times; otherwise par-
ity bits are stripped except when the remote side's stop and
start characters are other than ^S/^Q. Eight-bit mode is the
default.
[1m-F [22mforward a [4mforwardable[24m copy of the local credentials to the
remote system.
[1m-t [4m[22mtermtype[0m
replace the terminal type passed to the remote host with
[4mtermtype[24m.
[1m-n [22mprevent suspension of rlogin via ``~^Z'' or ``~^Y''.
[1m-7 [22mforce seven-bit transmissions.
[1m-d [22mturn on socket debugging (via [4msetsockopt[24m(2)) on the TCP sockets
used for communication with the remote host.
[1m-k [22mrequest rlogin to obtain tickets for the remote host in realm
[4mrealm[24m instead of the remote host's realm as determined by
[4mkrb_realmofhost[24m(3).
[1m-x [22mturn on DES encryption for data passed via the rlogin session.
This applies only to input and output streams, so the username
is sent unencrypted. This significantly reduces response time
and significantly increases CPU utilization.
[1m-PN[0m
[1m-PO [22mExplicitly request new or old version of the Kerberos ``rcmd''
protocol. The new protocol avoids many security problems found
in the old one, but is not interoperable with older servers.
(An "input/output error" and a closed connection is the most
likely result of attempting this combination.) If neither
option is specified, some simple heuristics are used to guess
which to try.
[1mSEE ALSO[0m
rsh(1), kerberos(1), krb_sendauth(3), krb_realmofhost(3), rlogin(1)
[UCB version], klogind(8)
[1mFILES[0m
~/.k5login (on remote host) - file containing Kerberos principals that
are allowed access.
[1mBUGS[0m
More of the environment should be propagated.
RLOGIN(1)
Man(1) output converted with
man2html