rshd(1M) TCP/IP R4.11 rshd(1M)
NAME
rshd - remote shell server
SYNOPSIS
/usr/bin/rshd
DESCRIPTION
The rshd server is for the rcmd(3X) routine and, consequently, for
the rsh(1C) program. The server provides remote execution facilities
with authentication based on privileged port numbers.
The rshd server is invoked by the inetd server when an incoming
connection is detected on the port specified in /etc/services. See
inetd(1M) and services(4) for details. When a service request is
received, inetd invokes rshd and the following protocol is initiated:
1) The server checks the client's source port. If the port is
not in the range 0-1023, the server aborts the connection.
2) The server reads characters from the socket up to a null
(`\0') byte. The resultant string is interpreted as an ASCII
number, base 10.
3) If the number received in step 2 is nonzero, it is interpreted
as the port number of a secondary stream to be used for the
stderr. A second connection is then created to the specified
port on the client's machine. The source port of this second
connection is also in the range 0-1023.
4) The server checks the client's source address. If the address
is associated with a host for which no corresponding entry
exists in the hostname database (see hosts(4)), the server
aborts the connection.
5) A null-terminated username of at most 16 characters is
retrieved on the initial socket. This username is interpreted
as a user identity to use on the server's machine.
6) A null-terminated username of at most 16 characters is
retrieved on the initial socket. This username is interpreted
as the user identity on the client's machine.
7) A null-terminated command to be passed to a shell is retrieved
on the initial socket. The length of the command is limited
by the upper bound on the size of the system's argument list.
8) The rshd server then validates the user according to the
following steps.
a) The username on the client machine is looked up in the
password file and a chdir is performed to the user's home
directory. If either the lookup or chdir fail, the connection
is terminated.
b) If the user does not have appropriate privilege, the file
/etc/hosts.equiv is consulted for a list of hosts considered
equivalent. If the client's hostname is present in this file,
the authentication is considered successful.
On a generic DG/UX system, appropriate privilege is granted by
having an effective UID of 0 (root). See the
appropriate_privilege(5) man page for more information.
On a system with DG/UX information security, appropriate privilege is
granted by having one or more specific capabilities enabled in the
effective capability set of the user. See cap_defaults(5) for the
default capabilities for this command.
c) If the lookup fails, or the user has appropriate privilege,
then the file .rhosts in the home directory of the remote user
is checked for the machine name and identity of the user on
the client's machine. If this lookup fails, the connection is
terminated.
9) A null byte is returned on the connection associated with the
stderr, and the command line is passed to the normal log-in
shell of the user. The shell inherits the network connections
established by rshd.
ENVIRONMENT
When you use rsh hostname command, the environment for the command is
not the same as for the login shell. For example, /etc/TIMEZONE,
/etc/profile and .profile are not executed for Bourne shell users and
/etc/TIMEZONE.csh, /etc/login, and .login are not executed for C
shell users (however, .cshrc is executed). On the other hand, when
you use rsh hostname, you are performing the equivalent of rlogin
hostname, and the environment is the same as for the login shell.
Beginning in DG/UX System Release 4.10, rshd will set the timezone
environment variable, TZ, to the value it inherits from inetd.
Commands executed via rshd on a system with the Cluster product
installed cannot be directed to execute on another cluster node by
the Cluster product's Class Scheduling Facility.
DIAGNOSTICS
All diagnostic messages are returned on the connection associated
with the stderr, after which any network connections are closed. An
error is indicated by a leading byte with a value of one (1) (zero is
returned in step 9 above after successful completion of all the steps
prior to the command execution).
locuser too long The name of the user on the
client's machine is longer than 16
characters.
remuser too long The name of the user on the remote
machine is longer than 16
characters.
command too long The command line passed exceeds
the size of the argument list (as
configured into the system).
Hostname for your address unknown No entry in the hostname database
exists for the client's machine.
Login incorrect No password file entry exists for
the username.
No remote directory The chdir command to the home
directory failed.
Permission denied The authentication procedure
(described above) failed.
Can't make pipe The pipe needed for the stderr
wasn't created.
Try again A fork by the server failed.
/bin/sh: ... The user's login shell could not
be started.
SEE ALSO
rsh(1C), inetd(1M), rcmd(3X), hosts.equiv(4M), cap_defaults(5).
BUGS
The authentication procedure used here assumes the integrity of each
client machine and of the connecting medium. This is not secure but
is useful in an "open" environment.
Licensed material--property of copyright holder(s)