telnetd man page on HP-UX

Man page or keyword search:  
man Server   10987 pages
apropos Keyword Search (all sections)
Output format
HP-UX logo
[printable version]

telnetd(1M)							   telnetd(1M)

       telnetd - TELNET protocol server

	authmode] [bannerfile]]

       The  daemon  executes  a server that supports the DARPA standard TELNET
       virtual terminal	 protocol.   The  Internet  daemon  executes  when  it
       receives	 a service request at the port listed in the services database
       for using the protocol (see inetd(1M) and services(4)).

       operates by allocating a Telnet pseudo-terminal	device	(see  tels(7))
       for  a  client, then creating a login process, which has the slave side
       of the Telnet pseudo-terminal as and manipulates the master side of the
       Telnet  pseudo-terminal,	 implementing the TELNET protocol, and passing
       characters between the client and login process.

	      NOTE: no longer uses pty(7) devices;  instead  it	 uses  special
	      devices created for TELNET sessions only.	 For more information,
	      see tels(7).

       When a TELNET session is started up, sends TELNET options to the client
       side,  indicating  a willingness to do of characters, to and to receive
       and (if kerberos is enabled) information from the  remote  client.   If
       the  remote  client is ready, the remote terminal type is propagated in
       the environment of the  created	login  process.	  The  pseudo-terminal
       allocated  to  the client is configured as a normal terminal for login,
       with the exception of echoing characters (see tty(7)).

	      is willing to and

	      is willing to  have  the	remote	client	and  (if  kerberos  is

       The  flow  control option permits applications running on a remote host
       to toggle the flow control on the local host.  To toggle	 flow  control
       for a session programmatically, the application program must first call
       the function to get the current settings.  For example,

       Then, the of the structure must have set(reset) to enable(disable) flow

       Finally, the function call can implement the change.  For example,

       To  toggle the flow control interactively, the user can issue a command
       using the input options to disable, or to enable flow control.  See the
       stty(1) manpage.

       The terminal speed option permits applications running on a remote host
       to obtain the terminal speed of the local  host	session	 using	either
       ioctl or stty.

       The  server also supports the TAC User ID (also known as the TAC Access
       Control System, or TACACS User ID) option using which, users  telneting
       to  two or more consenting hosts may avoid going through a second login
       sequence.  See the option below.

       To start from the Internet daemon, the configuration file must  contain
       an entry as follows:

       The  above configuration applies only for the IPv4 environment.	For to
       work in the IPv6 environment, the configuration	file  must  contain  a
       entry as follows:

	      NOTE: The entry has changed to to work in the IPv6 environment.

       uses  the  same files as to verify participating systems and authorized
       users, and (See hosts.equiv(4) and the for configuration details.)

       has the following options.

       Specify a file containing a custom banner.
			   This option overrides the  standard	login  banner.
			   For example, to use as the login banner, have start
			   with the following lines in provides line continua‐

			   To work in the IPv6 environment, the entry in would

			   NOTE: has changed to for IPv6.

			   If bannerfile is not specified, does	 not  print  a
			   login banner.

       Invoke		   with all the environment variables passed to

       Set the time-out value for the initial option
			   negotiation in the file as:

			   This	 option informs how long it should wait before
			   timing out and  exiting  if	it  does  not  receive
			   either  a positive or negative reply for any of the
			   initial option negotiations.	 The time-out value is
			   measured in seconds.	 This option is set with inte‐
			   ger	values.	  The  values  range  between  1   and
			   21474836.  The default value is 120 seconds.

			   There  should  not  be any space between the option
			   and the time-out value.  For example,

			   To work in the IPv6 environment, the entry in would

			   NOTE: has changed to for IPv6.

       This option allows users to set the BUFFERSIZE value.
			   This	 option,  when set, informs the number of user
			   bytes to concatenate before sending to  TCP.	  This
			   option  is  set  with  integer values.  There is no
			   specified default.

       Enable the TAC User ID option.
			   The system administrator can enable the TAC User ID
			   option on servers designated as participating hosts
			   by having start with the option in

			   To enable the TAC User ID option  for  IPv6,	 users
			   must have start with the option in as shown below:

			   NOTE: has changed to for IPv6.

			   In  order  to  make	the TAC User ID option work as
			   specified, the system administrator must assign  to
			   all	authorized  users of the option the same login
			   name and unique user ID (UUID) on every participat‐
			   ing	system	to  which they are allowed TAC User ID
			   access.  These same UUIDs should not be assigned to
			   non-authorized users.

			   Users cannot use the feature on systems where their
			   local and remote UUIDs differ, but they can	always
			   use	the normal login sequence.  Also, there may be
			   a potential security breach where a user  with  one
			   UUID	 may  be  able	to gain entry to participating
			   systems and accounts where that UUID is assigned to
			   someone  else,  unless  the	above restrictions are

			   A typical configuration may consist of one or  more
			   secure  front-end systems and a network of partici‐
			   pating hosts.  Users who have  successfully	logged
			   onto	 the front-end system may directly to any par‐
			   ticipating  system  without	being	prompted   for
			   another login.

       Set the behavior for
			   to  instruct	 to  close the connection on the shell
			   command or whenever the client communicates with to
			   arrive upon 0 baud rate for

       This option allows users to set the
			   value.   This option, when set, informs how long it
			   should wait before timing out and flushing the con‐
			   catenated user data to TCP.	Note that the value is
			   measured in clock ticks (10 ms) and not in seconds.
			   This	 option	 is set with integer values.  There is
			   no specified default.

       This option allows the erase character for the terminal to be echoed on
			   screen at the login prompt.	 The  erase  character
			   can be set using the command.

       This option allows the users to disable the
			   socket  option.   When is invoked with this option,
			   small writes over may concatenate at the tcp	 level
			   so  that  larger tcp packets are sent to the client
			   at less frequent intervals.

			   NOTE: Using the option with the and options is  not

       To configure to use the option, the entry in would be:

       To  work	 in  the IPv6 environment using the option, the entry in would

	      NOTE: has changed to for IPv6.

       To configure to have a of 100 bytes and a of 100 ticks,	the  entry  in
       would be:

       To work in the IPv6 environment, the entry in would be:

	      NOTE: has changed to for IPv6.

   Kerberos-specific Options
       In Kerberos mode, can start with the following lines in


       The  option is used to ensure that non-secure systems are denied access
       to the server.  It overrides any value specified with the option except
       when authmode is See the sis(5) manpage.

       The  authmode  option  specifies	 what  mode is to be used for Kerberos
       authentication.	See the sis(5) manpage.	 Values for authmode are:

	      Activates authentication debugging.

	      Default value.
			Only allows connections when the remote user can  pro‐
			vide  valid Kerberos authentication information and is
			authorized to access the specified account.

	      Authentication information is not required.
			If no or insufficient Kerberos authentication informa‐
			tion  is  provided, the program provides the necessary
			user verification.  See the login(1) manpage.

       The option instructs to use the normal authentication mode whenever the
       telnet client communicates NULL type in the authentication option nego‐

       By default,  the	 server	 provides  remote  execution  facilities  with
       authentication based on Kerberos V5.  See the sis(5) manpage.

       If any error is encountered by in establishing the connection, an error
       message is returned through the connection, after which the  connection
       is  closed  and	the  server  exits.  Any errors generated by the login
       process or its descendents are passed through as ordinary data.

       The following diagnostic messages are displayed by

				   The server was unable to  obtain  a	Telnet
		     for  use  with  the  login	 process.   Either  all Telnet
		     pseudo-terminals were in use or the driver has  not  been
		     properly set up (see tels(7)).

		     Check  the Telnet pseudo driver configuration of the host
		     where is executing.

				   was unable to fork a process to handle  the
				   incoming connection.

		     Wait  a  period  of  time and try again.  If this message
		     persists, the server's host may  have  runaway  processes
		     that are using all the entries in the process table.

				   The login program could not be started via
		     for the reason indicated (see exec(2)).

       The  terminal type name received from the remote client is converted to

       never sends TELNET commands.

       was developed by the University of California, Berkeley.

       login(1), rlogin(1), stty(1), telnet(1),	 inetd(1M),  inetsvcs_sec(1M),
       exec(2),	   ioctl(2),	hosts(4),    hosts.equiv(4),	inetd.conf(4),
       inetd.sec(4), services(4), sis(5), pty(7), tels(7), tty(7).

       DOD MIL_STD 1782.

       RFC 854 for the TELNET protocol specification.


List of man pages available for HP-UX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net