[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]

Commands Reference, Volume 4


rlogin Command

Purpose

Connects a local host with a remote host.

Syntax

rlogin RemoteHost [ -e Character ] [ -8 ] [ -l User ] [ -f | -F ] [ -k realm]

Description

The /usr/bin/rlogin command logs into a specified remote host and connects your local terminal to the remote host.

The remote terminal type is the same as that given in the TERM local environment variable. The terminal or window size is also the same, if the remote host supports them, and any changes in size are transferred. All echoing takes place at the remote host, so except for delays, the terminal connection is transparent. The Ctrl-S and Ctrl-Q key sequences stop and start the flow of information, and the input and output buffers are flushed on interrupts.

Remote Command Execution

When using the rlogin command, you can create a link to your path using a host name as the link name. For example:

ln -s /usr/bin/rsh HostName

Entering the host name specified by the HostName parameter with an argument (command) at the prompt, automatically uses the rsh command to remotely execute the command specified on the command line of the remote host specified by the HostName parameter.

Entering the host name specified by the HostName parameter without an argument (command) at the prompt, automatically uses the rlogin command to log in to the remote host specified by the HostName parameter.

In addition to the preceding conditions, the rlogin command also allows access to the remote host if the remote user account does not have a password defined. However, for security reasons, the use of a password on all user accounts is recommended.

The rlogin command execs (using the exec command) the /usr/sbin/login file to validate a user. This 1) allows all user and device attributes to take effect on telnet connections and 2) causes remote logins to count against the maximum number of login sessions allowable at a time (determined by the maxlogins attribute). Attributes are defined in the /etc/security/user and /etc/security/login.cfg files.

POSIX Line Discipline

The rlogind and telnetd daemons use POSIX line discipline to change the line discipline on the local TTY. If POSIX line discipline is not used on the local TTY, echoing other line disciplines may result in improper behavior. TCP/IP must have POSIX line discipline to function properly.

Flags


-8 Allows an 8-bit data path at all times. Otherwise, unless the start and stop characters on the remote host are not Ctrl-S and Ctrl-Q, the rlogin command uses a 7-bit data path and parity bits are stripped.
-e Character Changes the escape character. Substitute the character you choose for Character.
-f Causes the credentials to be forwarded. This flag will be ignored if Kerberos 5 is not the current authentication method. Authentication will fail if the current DCE credentials are not marked forwardable.
-F Causes the credentials to be forwarded. In addition, the credentials on the remote system will be marked forwardable (allowing them to be passed to another remote system). This flag will be ignored if Kerberos 5 is not the current authentication method. Authentication will fail if the current DCE credentials are not marked forwardable.
-k realm Allows the user to specify the realm of the remote station if it is different from the local systems realm. For these purposes, a realm is synonymous with a DCE cell. This flag will be ignored if Kerberos 5 is not the current authentication method.  
-l User Changes the remote user name to the one you specify. Otherwise, your local user name is used at the remote host.

Security

There are multiple authentication methods, each requiring different things to be set in order to allow the connection.

For Standard Authentication

The remote host allows access only if one or both of the following conditions is satisfied:

Although you can set any permissions for the $HOME/.rhosts file, it is recommended that the permissions of the .rhosts file be set to 600 (read and write by owner only).

For Kerberos 5 Authentication

The remote host allows access only if all of the following conditions are satisfied:

Unless otherwise modified by the -e flag, the standard escape character is a tilde (~). The escape character is only recognized by the remote host if it occurs at the beginning of a line. Otherwise, the escape character is sent to the remote host as a normal character. To send the escape character to the remote host as a normal character at the beginning of a line, press the escape character twice. Pressing the escape character and a period (for example, ~.) immediately disconnects the local terminal from the remote host.

Examples

  1. To log in to a remote host with your local user name, enter:

    rlogin host2
    

    You are prompted to enter your password and then are logged in to the remote host host2.

    To logoff the remote host, and close the connection, enter ~. (tilde, period).

  2. To log in to a remote host with a different user name, enter:
    rlogin host2 -l dale
    You are prompted to enter your password and then are logged in to the remote host host2 with the user name dale.

    To logoff the remote host, and close the connection, enter ~. (tilde, period).

  3. To log in to a remote host with your local user name and change the escape character, enter:
    rlogin host2 -e\
    You are prompted to enter your password and then are logged in to the remote host host2. The escape character has been changed to \ (backslash).

    To logoff the remote host, and close the connection, enter \. (backslash, period).

Related Information

The ftp command, login command, rcp command, rexec command, rsh command, telnet command.

The rlogind and krlogind daemon.

The kvalid_user function.

The hosts.equiv file format, .rhosts file format.

Network Overview in AIX 5L Version 5.1 System Management Guide: Communications and Networks.

Secure Rcmds in AIX 5L Version 5.1 System User's Guide: Communications and Networks.


[ Previous | Next | Table of Contents | Index | Library Home | Legal | Search ]