rlogin(1)rlogin(1)NAMErlogin - remote login
SYNOPSIS
rhost e] username]
rhost e] username]
In Kerberos V5 Network Authentication Environments
rhost e] realm] username]
rhost e] realm] username]
DESCRIPTION
The command connects your terminal on the local host to the remote host
(rhost). acts as a virtual terminal to the remote system. The host
name rhost can be either the official name or an alias as listed in the
file (see hosts(4)).
In non-secure or traditional environment, allows a user to log in on an
equivalent remote host, rhost, bypassing the normal login/password
sequence, in a manner similar to the command (see remsh(1)). For more
information about equivalent hosts and how to specify them in the files
and see hosts.equiv(4). The searching of the files and occurs on the
remote host, and the file must be owned by the remote user account.
If the originating user account is not equivalent to the remote user
account, the originating user is prompted for the password of the
remote account. If this fails, a login name and password are prompted
for, as when is used (see login(1)).
In a Kerberos V5 Network Authentication environment, uses the Kerberos
V5 protocol to authenticate the connection to a remote host. If the
authentication is successful, user authorization will be performed
according to the command line options selected for (i.e., A password
will not be required, so a password prompt will not be seen and a pass‐
word will not be sent over the network where it can be observed. For
further information on Kerberos authentication and authorization see
the Secure Internet Services man page, sis(5) and rlogind(1M).
Although Kerberos authentication and authorization may apply, the Ker‐
beros mechanism is not applied to the login session. All the informa‐
tion transferred between your host and the remote host is sent in
cleartext over the network.
The terminal type specified by the current environment variable is
propagated across the network and used to set the initial value of your
environment variable on the remote host. Your terminal baud rate is
also propagated to the remote host, and is required by some systems to
set up the pseudo-terminal used by (see rlogind(1M)).
All echoing takes place at the remote site, so that (except for delays)
the remote login is transparent.
If at any time is unable to read from or write to the socket connection
on the remote host, the message is printed on standard error and exits.
Options
recognizes the following options. Note that the options follow the
rhost argument.
Set the character size to seven bits.
The eighth bit of each byte sent is set to zero
(space parity).
Use an eight-bit data path.
This is the default HP-UX behavior.
To use eight-bit characters, the terminal must be
configured to generate either eight-bit charac‐
ters with no parity, or seven bit characters with
space parity. The HP-UX implementation of (see
rlogind(1M)) interprets seven bit characters with
even, odd, or mark parity as eight-bit non-
USASCII characters. You may also need to recon‐
figure the remote host appropriately (see stty(1)
and tty(7)). Some remote hosts may not provide
the necessary support for eight-bit characters.
In this case, or if it is not possible to disable
parity generation by the local terminal, use the
option.
Set the escape character to
e. There is no space separating the option let‐
ter and the argument character. To start a line
with the escape character, two of the escape
characters must be entered. The default escape
character is tilde Some characters may conflict
with your terminal configuration, such as or
backspace. Using one of these as the escape
character may not be possible or may cause prob‐
lems communicating with the remote host (see
stty(1) and tty(7)).
This option can be used to set the user login name on the remote
host to
username. The default name is the current
account name of the user invoking
Kerberos-specific Options
The default Kerberos options for the applications are set in the con‐
figuration file. Refer to the in the krb5.conf(4) manpage for more
information. The options and described in the subsequent paragraphs,
can be set in the file with the tag names and respectively. Refer to
the krb5.conf(4) manpage for more information on the
The option can be set in the file within If is set to true and the ker‐
beros authentication fails, will use the non-secure mode of authentica‐
tion.
Note: Command line options override the configuration file
options.
This option is only applicable in a secure environment based on
Kerberos V5.
It can be used to forward the ticket granting ticket
(TGT) to the remote system. The TGT is not forwardable
from there.
This option is only applicable in a secure environment based on
Kerberos V5.
It can be used to forward the TGT to the remote system
and have it forwardable from there to another remote sys‐
tem. The option and option are mutually exclusive.
This option is only applicable in a secure environment based on
Kerberos V5.
It can be used to obtain tickets from the remote host in
the specified realm instead of the remote host's default
realm as specified in the configuration file
Escape Sequences
can be controlled with two-character escape sequences, in the form ex,
where e is the escape character and x is a code character described
below. Escape sequences are recognized only at the beginning of a line
of input. The default escape character is tilde It can be changed with
the option.
The following escape sequences are recognized:
ey If y is NOT a code character described below, pass the
escape character and y as characters to the remote host.
ee Pass the escape character as a character to the remote
host.
Disconnect from the remote host.
Escape to a subshell on the local host.
Use to return to the remote host.
If is run from a shell that supports job control (see csh(1),
ksh(1), and sh-posix(1)), escape sequences can be used to sus‐
pend The following escape sequences assume that and are set as
the user's and characters, respectively (see stty(1) and
termio(7)).
Suspend the
session and return the user to the shell that invoked The
job can be resumed with the command (see csh(1), ksh(1),
and sh-posix(1)). suspends both processes: the one
transmitting user input to the remote login, and the one
displaying output from the remote login.
Suspend the
session and return the user to the shell that invoked The
job can be resumed with the command (see csh(1), ksh(1),
and sh-posix(1)). suspends only the input process; out‐
put from the remote login continues to be displayed.
If you "daisy-chain" remote logins (for example, you from host A to
host B and then from host B to host C) without setting unique escape
characters, you can repeat the escape character until it reaches your
chosen destination. For example, the first escape character, e, is
seen as an escape character on host A; the second e is passed as a nor‐
mal character by host A and seen as an escape character on host B; a
third e is passed as a normal character by hosts A and B and accepted
as a normal character by host C.
Remote Host Name As Command
The system administrator can arrange for more convenient access to a
remote host (rhost) by linking to allowing use of the remote host name
(rhost) as a command (see remsh(1)). For example, if is the name of a
remote host and is linked to and if is in your search path, the com‐
mand:
is equivalent to:
RETURN VALUE
sends an error message to standard error and returns a nonzero value if
an error occurs before the connection to the remote host is completed.
Otherwise, it returns a zero.
DIAGNOSTICS
Diagnostics can occur from both the local and remote hosts. Those
diagnostics that occur on the local host before the connection is com‐
pletely established are written to standard error. Once the connection
is established, any error messages from the remote host are written to
standard output, like any other data.
There are two authentication mechanisms used by
One authentication mechanism is based on Kerberos and the
other is not. The type of authentication mechanism is
obtained from a system file which is updated by (see
inetsvcs_sec(1M)). If the system file does not contain
known authentication types, the above error is displayed.
was unable to find the login service listed in the
database file.
was unable to find your user ID in the password
file.
Contact your system administrator.
An error occurred when
attempted the indicated system call. See the appropriate
manual entry for information about the error.
EXAMPLES
Log in as the same user on the remote host
Set the escape character to a use a seven-bit data connection,
and attempt a login as user on host
Assuming that your system administrator has set up the links in
the following is equivalent to the previous command:
WARNINGS
For security purposes, the and files should exist, even if they
are empty. These files should be readable and writable only by
the owner. See hosts.equiv(4) for more information.
Note that all the information, including any passwords asked
for, is passed unencrypted between the two hosts. In a Kerberos
V5 Network Authentication environment, a password is not trans‐
mitted across the network, so it will be protected.
is unable to transmit the Break key as an interrupt signal to
the remote system, regardless of whether the user has set on the
local system. The key assigned to with the command should be
used instead (see stty(1)).
AUTHOR
was developed by the University of California, Berkeley.
FILES
User's private equivalence list
List of equivalent hosts
For rhost version of the command
SEE ALSOcsh(1), ksh(1), login(1), remsh(1), sh(1), sh-posix(1), stty(1),
telnet(1), rlogind(1M), inetsvcs_sec(1M), hosts(4),
hosts.equiv(4), inetd.conf(4), krb5.conf(4), services(4),
sis(5), termio(7), tty(7).
rlogin(1)