|HP-UX Reference > R
HP-UX 11i Version 3: February 2007
rlogin — remote login
The rlogin command connects your terminal on the local host to the remote host (rhost). rlogin acts as a virtual terminal to the remote system. The host name rhost can be either the official name or an alias as listed in the file /etc/hosts (see hosts(4)).
In non-secure or traditional environment, rlogin allows a user to log in on an equivalent remote host, rhost, bypassing the normal login/password sequence, in a manner similar to the remsh command (see remsh(1)). For more information about equivalent hosts and how to specify them in the files /etc/hosts.equiv and .rhosts, see hosts.equiv(4). The searching of the files /etc/hosts.equiv and .rhosts occurs on the remote host, and the .rhosts file must be owned by the remote user account.
If the originating user account is not equivalent to the remote user account, the originating user is prompted for the password of the remote account. If this fails, a login name and password are prompted for, as when login is used (see login(1)).
In a Kerberos V5 Network Authentication environment, rlogin uses the Kerberos V5 protocol to authenticate the connection to a remote host. If the authentication is successful, user authorization will be performed according to the command line options selected for rlogind (that is, -k, -K, -r, or -R). A password will not be required, so a password prompt will not be seen and a password will not be sent over the network where it can be observed. For further information on Kerberos authentication and authorization see the Secure Internet Services man page, sis(5) and rlogind(1M).
Although Kerberos authentication and authorization may apply, the Kerberos mechanism is not applied to the login session. All the information transferred between your host and the remote host is sent in cleartext over the network.
The terminal type specified by the current TERM environment variable is propagated across the network and used to set the initial value of your TERM environment variable on the remote host. Your terminal baud rate is also propagated to the remote host, and is required by some systems to set up the pseudo-terminal used by rlogind (see rlogind(1M)).
All echoing takes place at the remote site, so that (except for delays) the remote login is transparent.
If at any time rlogin is unable to read from or write to the socket connection on the remote host, the message Connection closed is printed on standard error and rlogin exits.
rlogin recognizes the following options. Note that the options follow the rhost argument.
The default Kerberos options for the applications are set in the krb5.conf configuration file. Refer to the appdefaults Section in the krb5.conf(4) manpage for more information. The options -f, and -F described in the subsequent paragraphs, can be set in the krb5.conf file with the tag names forward and forwardable respectively. Refer to the krb5.conf(4) manpage for more information on the appdefaults Section.
The fallback option can be set in the krb5.conf file within appdefaults Section. If fallback is set to true and the kerberos authentication fails, rlogin will use the non-secure mode of authentication.
Note: Command line options override the configuration file options.
rlogin can be controlled with two-character escape sequences, in the form ex, where e is the escape character and x is a code character described below. Escape sequences are recognized only at the beginning of a line of input. The default escape character is tilde (~). It can be changed with the -e option.
The following escape sequences are recognized:
If you "daisy-chain" remote logins (for example, you rlogin from host A to host B and then rlogin from host B to host C) without setting unique escape characters, you can repeat the escape character until it reaches your chosen destination. For example, the first escape character, e, is seen as an escape character on host A; the second e is passed as a normal character by host A and seen as an escape character on host B; a third e is passed as a normal character by hosts A and B and accepted as a normal character by host C.
Remote Host Name As Command
The system administrator can arrange for more convenient access to a remote host (rhost) by linking remsh to /usr/hosts/rhost, allowing use of the remote host name (rhost) as a command (see remsh(1)). For example, if remotehost is the name of a remote host and /usr/hosts/remotehost is linked to remsh, and if /usr/hosts is in your search path, the command:
is equivalent to:
rlogin sends an error message to standard error and returns a nonzero value if an error occurs before the connection to the remote host is completed. Otherwise, it returns a zero.
Diagnostics can occur from both the local and remote hosts. Those diagnostics that occur on the local host before the connection is completely established are written to standard error. Once the connection is established, any error messages from the remote host are written to standard output, like any other data.
Log in as the same user on the remote host remote:
Set the escape character to a !, use a seven-bit data connection, and attempt a login as user guest on host remhost:
rlogin remhost -e! -7 -l guest
Assuming that your system administrator has set up the links in /usr/hosts, the following is equivalent to the previous command:
remhost -e! -7 -l guest
For security purposes, the /etc/hosts.equiv and .rhosts files should exist, even if they are empty. These files should be readable and writable only by the owner. See hosts.equiv(4) for more information.
Note that all the information, including any passwords asked for, is passed unencrypted between the two hosts. In a Kerberos V5 Network Authentication environment, a password is not transmitted across the network, so it will be protected.
rlogin is unable to transmit the Break key as an interrupt signal to the remote system, regardless of whether the user has set stty brkint on the local system. The key assigned to SIGINT with the command stty intr c should be used instead (see stty(1)).