1 .\" Copyright (c) 1983, 1990, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. All advertising materials mentioning features or use of this software
13 .\" must display the following acknowledgement:
14 .\" This product includes software developed by the University of
15 .\" California, Berkeley and its contributors.
16 .\" 4. Neither the name of the University nor the names of its contributors
17 .\" may be used to endorse or promote products derived from this software
18 .\" without specific prior written permission.
20 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 .\" @(#)telnet.1 8.6 (Berkeley) 6/1/94
33 .\" $FreeBSD: src/crypto/telnet/telnet/telnet.1,v 1.4.2.9 2002/04/13 10:59:08 markm Exp $
34 .\" $DragonFly: src/crypto/telnet/telnet/telnet.1,v 1.2 2003/06/17 04:24:37 dillon Exp $
41 .Nd user interface to the
46 .Op Fl 468EFKLNacdfruxy
49 .Op Fl e Ar escapechar
62 is used to communicate with another host using the
67 is invoked without the
69 argument, it enters command mode,
70 indicated by its prompt
72 In this mode, it accepts and executes the commands listed below.
73 If it is invoked with arguments, it performs an
75 command with those arguments.
78 .Bl -tag -width indent
82 to use IPv4 addresses only.
86 to use IPv6 addresses only.
88 Specifies an 8-bit data path. This causes an attempt to
91 option on both input and output.
93 Stops any character from being recognized as an escape character.
95 If Kerberos V5 authentication is being used, the
97 option allows the local credentials to be forwarded
98 to the remote system, including any credentials that
99 have already been forwarded into the local environment.
101 Specifies no automatic login to the remote system.
103 Specifies an 8-bit data path on output. This causes the
105 option to be negotiated on output.
107 Prevents IP address to name lookup when destination host is given
110 Sets the IP type-of-service (TOS) option for the telnet
111 connection to the value
113 which can be a numeric TOS value
114 or, on systems that support it, a symbolic
115 TOS name found in the
121 type of authentication.
123 Attempt automatic login.
124 This is now the default, so this option is ignored.
125 Currently, this sends the user name via the
130 option if supported by the remote system.
131 The name used is that of the current user as returned by
133 if it agrees with the current user ID,
134 otherwise it is the name associated with the user ID.
136 Disables the reading of the user's
140 command on this man page.)
142 Sets the initial value of the
146 .It Fl e Ar escapechar
154 there will be no escape character.
156 If Kerberos V5 authentication is being used, the
158 option allows the local credentials to be forwarded to the remote system.
160 If Kerberos authentication is being used, the
164 obtain tickets for the remote host in
167 instead of the remote host's realm, as determined by
168 .Xr krb_realmofhost 3 .
170 When connecting to the remote system, if the remote system
175 will be sent to the remote system as the value for the variable
177 This option implies the
180 This option may also be used with the
183 .It Fl n Ar tracefile
186 for recording trace information.
191 Specifies a user interface similar to
194 mode, the escape character is set to the tilde (~) character,
195 unless modified by the
199 Set the source IP address for the
203 which can be an IP address or a host name.
209 addresses only (e.g.,
211 domain sockets, accessed with a file path).
213 Turns on encryption of the data stream if possible.
214 This is now the default, so this option is ignored.
216 Suppresses encryption of the data stream.
218 Indicates the official name, an alias, or the Internet address
225 establishes a connection to the corresponding named socket.
227 Indicates a port number (address of an application). If a number is
228 not specified, the default
233 When in rlogin mode, a line of the form ~. disconnects from the
234 remote host; ~ is the
237 Similarly, the line ~^Z suspends the
240 The line ~^] escapes to the normal
244 Once a connection has been opened,
246 will attempt to enable the
251 will revert to one of two input modes:
252 either \*(Lqcharacter at a time\*(Rq
253 or \*(Lqold line by line\*(Rq
254 depending on what the remote system supports.
258 is enabled, character processing is done on the
259 local system, under the control of the remote system. When input
260 editing or character echoing is to be disabled, the remote system
261 will relay that information. The remote system will also relay
262 changes to any special characters that happen on the remote
263 system, so that they can take effect on the local system.
265 In \*(Lqcharacter at a time\*(Rq mode, most
266 text typed is immediately sent to the remote host for processing.
268 In \*(Lqold line by line\*(Rq mode, all text is echoed locally,
269 and (normally) only completed lines are sent to the remote host.
270 The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used
271 to turn off and on the local echo
272 (this would mostly be used to enter passwords
273 without the password being echoed).
277 option is enabled, or if the
281 (the default for \*(Lqold line by line\*(Rq; see below),
287 characters are trapped locally, and sent as
289 protocol sequences to the remote side.
292 has ever been enabled, then the user's
305 There are options (see
312 which cause this action to flush subsequent output to the terminal
313 (until the remote host acknowledges the
315 sequence) and flush previous terminal input
321 While connected to a remote host,
323 command mode may be entered by typing the
325 \*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq).
326 When in command mode, the normal terminal editing conventions are available.
330 commands are available.
331 Only enough of each command to uniquely identify it need be typed
332 (this is also true for arguments to the
343 .Bl -tag -width "mode type"
344 .It Ic auth Ar argument ...
345 The auth command manipulates the information sent through the
346 .Dv TELNET AUTHENTICATE
347 option. Valid arguments for the
350 .Bl -tag -width "disable type"
351 .It Ic disable Ar type
352 Disables the specified type of authentication. To
353 obtain a list of available types, use the
356 .It Ic enable Ar type
357 Enables the specified type of authentication. To
358 obtain a list of available types, use the
362 Lists the current status of the various types of
368 session and return to command mode.
369 .It Ic display Ar argument ...
370 Displays all, or some, of the
375 .It Ic encrypt Ar argument ...
376 The encrypt command manipulates the information sent through the
380 Valid arguments for the
384 .It Ic disable Ar type Xo
385 .Op Cm input | output
387 Disables the specified type of encryption. If you
388 omit the input and output, both input and output
389 are disabled. To obtain a list of available
391 .Ic encrypt disable ?\&
393 .It Ic enable Ar type Xo
394 .Op Cm input | output
396 Enables the specified type of encryption. If you
397 omit input and output, both input and output are
398 enabled. To obtain a list of available types, use the
399 .Ic encrypt enable ?\&
402 This is the same as the
403 .Ic encrypt start input
406 This is the same as the
407 .Ic encrypt stop input
410 This is the same as the
411 .Ic encrypt start output
414 This is the same as the
415 .Ic encrypt stop output
417 .It Ic start Op Cm input | output
418 Attempts to start encryption. If you omit
422 both input and output are enabled. To
423 obtain a list of available types, use the
424 .Ic encrypt enable ?\&
427 Lists the current status of encryption.
428 .It Ic stop Op Cm input | output
429 Stops encryption. If you omit input and output,
430 encryption is on both input and output.
432 Sets the default type of encryption to be used
439 .It Ic environ Ar arguments ...
442 command is used to manipulate the
443 variables that may be sent through the
446 The initial set of variables is taken from the users
447 environment, with only the
451 variables being exported by default.
454 variable is also exported if the
460 Valid arguments for the
464 .It Ic define Ar variable value
469 Any variables defined by this command are automatically exported.
472 may be enclosed in single or double quotes so
473 that tabs and spaces may be included.
474 .It Ic undefine Ar variable
477 from the list of environment variables.
478 .It Ic export Ar variable
481 to be exported to the remote side.
482 .It Ic unexport Ar variable
485 to not be exported unless
486 explicitly asked for by the remote side.
488 List the current set of environment variables.
491 will be sent automatically,
492 other variables will only be sent if explicitly requested.
494 Prints out help information for the
501 option to the remote side.
502 This command is similar to a
504 command; however, if the remote side does not support the
506 option, nothing happens.
507 If, however, the remote side does support the
509 option, this command should cause the remote side to close the
512 If the remote side also supports the concept of
513 suspending a user's session for later reattachment,
514 the logout argument indicates that you
515 should terminate the session immediately.
518 is one of several options, depending on the state of the
521 The remote host is asked for permission to go into the requested mode.
522 If the remote host is capable of entering that mode, the requested
523 mode will be entered.
528 option, or, if the remote side does not understand the
530 option, then enter \*(Lqcharacter at a time\*(Rq mode.
534 option, or, if the remote side does not understand the
536 option, then attempt to enter \*(Lqold-line-by-line\*(Rq mode.
537 .It Ic isig Pq Ic \-isig
538 Attempt to enable (disable) the
543 This requires that the
546 .It Ic edit Pq Ic \-edit
547 Attempt to enable (disable) the
552 This requires that the
555 .It Ic softtabs Pq Ic \-softtabs
556 Attempt to enable (disable) the
561 This requires that the
564 .It Ic litecho Pq Ic \-litecho
565 Attempt to enable (disable) the
570 This requires that the
574 Prints out help information for the
581 .Op Oo Fl Oc Ns Ar port
583 Open a connection to the named host.
587 will attempt to contact a
589 server at the default port.
590 The host specification may be either a host name (see
592 an Internet address specified in the \*(Lqdot notation\*(Rq (see
594 or IPv6 host name or IPv6 coloned-hexadecimal addreess.
597 option may be used to specify the user name
598 to be passed to the remote system via the
601 When connecting to a non-standard port,
603 omits any automatic initiation of
605 options. When the port number is preceded by a minus sign,
606 the initial option negotiation is done.
607 After establishing a connection, the file
610 users home directory is opened. Lines beginning with a # are
611 comment lines. Blank lines are ignored. Lines that begin
612 without white space are the start of a machine entry. The
613 first thing on the line is the name of the machine that is
614 being connected to. The rest of the line, and successive
615 lines that begin with white space are assumed to be
617 commands and are processed as if they had been typed
626 An end of file (in command mode) will also close a session and exit.
627 .It Ic send Ar arguments
628 Sends one or more special character sequences to the remote host.
629 The following are the arguments which may be specified
630 (more than one argument may be specified at a time):
632 .Bl -tag -width escape
642 (Abort Output) sequence, which should cause the remote system to flush
652 sequence, to which the remote system may or may not choose to respond.
656 (Break) sequence, which may have significance to the remote
662 sequence, which should cause the remote system to erase the last character
668 sequence, which should cause the remote system to erase the line currently
683 escape character (initially \*(Lq^\*(Rq).
688 sequence, which likely has no significance to the remote system.
690 If the remote side supports the
694 will send the subnegotiation to request that the server send
695 its current option status.
699 (Interrupt Process) sequence, which should cause the remote
700 system to abort the currently running process.
715 This sequence causes the remote system to discard all previously typed
716 (but not yet read) input.
717 This sequence is sent as
720 data (and may not work if the remote system is a
723 it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal).
733 can be either a decimal number between 0 and 255,
734 or a symbolic name for a specific
742 to print out help information, including
743 a list of known symbolic names.
745 Prints out help information for the
749 .It Ic set Ar argument value
750 .It Ic unset Ar argument value
753 command will set any one of a number of
755 variables to a specific value or to
759 turns off the function associated with
760 the variable, this is equivalent to using the
765 command will disable or set to
767 any of the specified functions.
768 The values of variables may be interrogated with the
771 The variables which may be set or unset, but not toggled, are
772 listed here. In addition, any of the variables for the
774 command may be explicitly set or unset using
780 .Bl -tag -width escape
784 is in localchars mode, or
786 is enabled, and the status character is typed, a
790 preceding) is sent to the
791 remote host. The initial value for the \*(LqAre You There\*(Rq
792 character is the terminal's status character.
794 This is the value (initially \*(Lq^E\*(Rq) which, when in
795 \*(Lqline by line\*(Rq mode, toggles between doing local echoing
796 of entered characters (for normal processing), and suppressing
797 echoing of entered characters (for entering, say, a password).
803 or \*(Lqold line by line\*(Rq mode, entering this character
804 as the first character on a line will cause this character to be
805 sent to the remote system.
806 The initial value of the eof character is taken to be the terminal's
821 is operating in \*(Lqcharacter at a time\*(Rq mode, then when this
822 character is typed, a
828 is sent to the remote system.
829 The initial value for the erase character is taken to be
836 escape character (initially \*(Lq^[\*(Rq) which causes entry
839 command mode (when connected to a remote system).
851 character is typed, a
857 is sent to the remote host.
858 The initial value for the flush character is taken to be
869 characters that, when typed, cause partial lines to be
870 forwarded to the remote system. The initial value for
871 the forwarding characters are taken from the terminal's
872 eol and eol2 characters.
884 character is typed, a
890 is sent to the remote host.
891 The initial value for the interrupt character is taken to be
907 is operating in \*(Lqcharacter at a time\*(Rq mode, then when this
908 character is typed, a
914 is sent to the remote system.
915 The initial value for the kill character is taken to be
924 or \*(Lqold line by line\*(Rq mode, then this character is taken to
928 The initial value for the lnext character is taken to be
943 character is typed, a
949 is sent to the remote host.
950 The initial value for the quit character is taken to be
959 or \*(Lqold line by line\*(Rq mode, then this character is taken to
963 The initial value for the reprint character is taken to be
968 This is the rlogin escape character.
971 escape character is ignored unless it is
972 preceded by this character at the beginning of a line.
973 This character, at the beginning of a line followed by
974 a "." closes the connection; when followed by a ^Z it
977 command. The initial state is to
983 .Dv TELNET TOGGLE-FLOW-CONTROL
984 option has been enabled,
985 then this character is taken to
989 The initial value for the start character is taken to be
995 .Dv TELNET TOGGLE-FLOW-CONTROL
996 option has been enabled,
997 then this character is taken to
1001 The initial value for the stop character is taken to be
1014 character is typed, a
1020 is sent to the remote host.
1021 The initial value for the suspend character is taken to be
1026 This is the file to which the output, caused by
1032 will be written. If it is set to
1034 then tracing information will be written to standard output (the default).
1040 or \*(Lqold line by line\*(Rq mode, then this character is taken to
1044 The initial value for the worderase character is taken to be
1054 .It Ic opie Ar sequence challenge
1057 command computes a response to the OPIE challenge.
1061 command (Set Local Characters) is used to set
1062 or change the state of the special
1066 been enabled. Special characters are characters that get
1069 commands sequences (like
1073 or line editing characters (like
1077 By default, the local special characters are exported.
1080 Verify the current settings for the current special characters.
1081 The remote side is requested to send all the current special
1082 character settings, and if there are any discrepancies with
1083 the local side, the local side will switch to the remote value.
1085 Switch to the local defaults for the special characters. The
1086 local default characters are those of the local terminal at
1091 Switch to the remote defaults for the special characters.
1092 The remote default characters are those of the remote system
1093 at the time when the
1095 connection was established.
1097 Prints out help information for the
1102 Show the current status of
1104 This includes the peer one is connected to, as well
1105 as the current mode.
1106 .It Ic toggle Ar arguments ...
1111 various flags that control how
1114 These flags may be set explicitly to
1122 commands listed above.
1123 More than one argument may be specified.
1124 The state of these flags may be interrogated with the
1127 Valid arguments are:
1130 Turns on debugging information for the authentication code.
1142 characters are recognized (and transformed into
1148 refuses to display any data on the user's terminal
1149 until the remote system acknowledges (via a
1150 .Dv TELNET TIMING MARK
1152 that it has processed those
1155 The initial value for this toggle is
1157 if the terminal user had not
1158 done an "stty noflsh", otherwise
1165 option is negotiated, by
1166 default the actual encryption (decryption) of the data
1167 stream does not start automatically. The autoencrypt
1168 (autodecrypt) command states that encryption of the
1169 output (input) stream should be enabled as soon as
1172 If the remote side supports the
1173 .Dv TELNET AUTHENTICATION
1176 attempts to use it to perform automatic authentication. If the
1178 option is not supported, the user's login
1179 name are propagated through the
1182 This command is the same as specifying
1194 then when either the
1198 characters is typed (see
1200 above for descriptions of the
1204 characters), the resulting
1206 sequence sent is followed by the
1211 cause the remote system to begin throwing away all previously
1212 typed input until both of the
1214 sequences have been read and acted upon.
1215 The initial value of this toggle is
1218 Enable or disable the
1220 option on both input and output.
1222 Enable or disable the
1226 Enable or disable the
1232 then carriage returns will be sent as
1236 then carriage returns will be send as
1238 The initial value for this toggle is
1241 Toggle carriage return mode.
1242 When this mode is enabled, most carriage return characters received from
1243 the remote host will be mapped into a carriage return followed by
1245 This mode does not affect those characters typed by the user, only
1246 those received from the remote host.
1247 This mode is not very useful unless the remote host
1248 only sends carriage return, but never line feed.
1249 The initial value for this toggle is
1252 Toggles socket level debugging (useful only to the
1254 The initial value for this toggle is
1257 Turns on debugging information for the encryption code.
1270 above) are recognized locally, and transformed into (hopefully) appropriate
1283 The initial value for this toggle is
1285 in \*(Lqold line by line\*(Rq mode,
1288 in \*(Lqcharacter at a time\*(Rq mode.
1291 option is enabled, the value of
1293 is ignored, and assumed to always be
1297 has ever been enabled, then
1313 Toggles the display of all network data (in hexadecimal format).
1314 The initial value for this toggle is
1317 Toggles the display of some internal
1319 protocol processing (having to do with
1322 The initial value for this toggle is
1327 toggle is enabled, if
1329 is enabled the output from the
1331 command will be formatted in a more user readable format.
1332 Spaces are put between each character in the output, and the
1335 escape sequence is preceded by a '*' to aid in locating them.
1337 When the skiprc toggle is
1340 skips the reading of the
1342 file in the users home
1343 directory when connections are opened. The initial
1344 value for this toggle is
1347 Toggles the display of all terminal data (in hexadecimal format).
1348 The initial value for this toggle is
1350 .It Ic verbose_encrypt
1356 prints out a message each time encryption is enabled or
1357 disabled. The initial value for this toggle is
1367 This command only works when the user is using the
1369 .It Ic \&! Op Ar command
1370 Execute a single command in a subshell on the local
1373 is omitted, then an interactive
1374 subshell is invoked.
1375 .It Ic ?\& Op Ar command
1376 Get help. With no arguments,
1378 prints a help summary.
1383 will print the help information for just that command.
1393 environment variables.
1394 Other environment variables may be propagated
1395 to the other side via the
1405 .Bl -tag -width ~/.telnetrc -compact
1407 user customized telnet startup values
1415 IPv6 support was added by WIDE/KAME project.
1417 On some remote systems, echo has to be turned off manually when in
1418 \*(Lqold line by line\*(Rq mode.
1420 In \*(Lqold line by line\*(Rq mode or
1424 character is only recognized (and sent to the remote system)
1425 when it is the first character on a line.