2 .\" * remove Op from mandatory flags
3 .\" * use better macros for arguments (like .Pa for files)
21 program. It provides an authenticated remote command execution
22 service. Supported options are:
28 Disables keep-alive messages. Keep-alives are packets sent a certain
29 interval to make sure that the client is still there, even when it
30 doesn't send any data.
35 Assume that clients connecting to this server will use some form of
36 Kerberos authentication. See the
45 For Kerberos 4 this means that the connections are encrypted. Kerberos
46 5 will negotiate encryption inline. This option implies
52 .\"When using old port-based authentication, the user's
54 .\"files are normally checked. This options disables this.
59 If the connecting client does not use any Kerberised authentication,
60 print a message that complains about this fact, and exit. This is
61 helpful if you want to move away from old port-based authentication.
65 When using the AFS filesystem, users' authentication tokens are put in
66 something called a PAG (Process Authentication Group). Multiple
67 processes can share a PAG, but normally each login session has its own
68 PAG. This option disables the
70 call, so all tokens will be put in the default (uid-based) PAG, making
71 it possible to share tokens between sessions. This is only useful in
72 peculiar environments, such as some batch systems.
81 to create a socket, instead of assuming that its stdin came from
83 This is mostly useful for debugging.
93 This flag is for backwards compatibility only.
97 This flag enables logging of connections to
99 This option is always on in this implementation.
103 .Bl -tag -width /etc/hosts.equiv -compact
104 .It Pa /etc/hosts.equiv
108 The following can be used to enable Kerberised rsh in
110 while disabling non-Kerberised connections:
112 shell stream tcp nowait root /usr/libexec/rshd rshd -v
113 kshell stream tcp nowait root /usr/libexec/rshd rshd -k
114 ekshell stream tcp nowait root /usr/libexec/rshd rshd -kx
127 This implementation of
129 was written as part of the Heimdal Kerberos 5 implementation.