.\" Copyright (c) 1983, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the University of
.\" California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" @(#)rexecd.8 8.2 (Berkeley) 12/11/93
.\" $FreeBSD: src/libexec/rexecd/rexecd.8,v 1.9.2.4 2001/08/16 10:44:16 ru Exp $
.\" $DragonFly: src/libexec/rexecd/rexecd.8,v 1.4 2006/04/08 08:17:07 swildner Exp $
.Dd September 23, 1994
.Nd remote execution server
routine. The server provides remote execution facilities
with authentication based on user names and
listens for service requests at the port indicated in
the ``exec'' service specification; see
When a service request is received the following protocol
The server reads characters from the socket up
byte. The resultant string is
If the number received in step 1 is non-zero,
it is interpreted as the port number of a secondary
stream to be used for the
A second connection is then created to the specified
port on the client's machine.
A NUL terminated user name of at most 16 characters
is retrieved on the initial socket.
A NUL terminated, unencrypted password of at most
16 characters is retrieved on the initial socket.
A NUL terminated command to be passed to a
shell is retrieved on the initial socket. The length of
the command is limited by the upper bound on the size of
the system's argument list.
then validates the user as is done at login time
and, if the authentication was successful, changes
to the user's home directory, and establishes the user
and group protections of the user.
If any of these steps fail the connection is
aborted with a diagnostic message returned.
A NUL byte is returned on the initial socket
and the command line is passed to the normal login
shell of the user. The
shell inherits the network connections established
will not allow root logins unless the
option is given on the command line (typically in
.Pa /etc/inetd.conf ) .
It will also disallow access for users listed in
or users with no passwords, which were all serious security holes.
The entire concept of rexec/rexecd is a major security hole and an example
of how not to do things.
is disabled by default in
.Pa /etc/inetd.conf .
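The request framing from the protocol steps above, as a bounds-checked parser in C. This is an added example, not rexecd's own source: the names rexec_parse, take_field, struct rexec_req and struct cursor are hypothetical, the sample bytes are constructed, and the port field is assumed to be at most five decimal ASCII digits.

```c
#include <stddef.h>
#include <string.h>
#define FIELD_MAX 16  /* user name and password limit given on this page */
enum rx_err { RX_OK, RX_TRUNCATED, RX_BAD_PORT, RX_USER_TOO_LONG, RX_PASS_TOO_LONG };
struct rexec_req {               /* hypothetical type, not from rexecd */
    unsigned port;               /* 0: no secondary stream requested */
    char user[FIELD_MAX + 1];
    char pass[FIELD_MAX + 1];    /* arrives unencrypted on the wire */
    const char *cmd;             /* points into the caller's buffer */
};
struct cursor { const unsigned char *p; size_t left; };

/* Constructed sample request: port "0", user name, password, command. */
static const unsigned char sample[] = "0\0alice\0hunter2\0uname -a";

/* Copy one NUL-terminated field of at most max chars and advance the cursor.
 * Over-long fields are rejected before any copy; nothing is truncated. */
static enum rx_err take_field(struct cursor *c, char *dst, size_t max,
                              enum rx_err too_long)
{
    const unsigned char *nul = memchr(c->p, 0, c->left);
    size_t n = nul ? (size_t)(nul - c->p) : c->left;
    if (n > max) return too_long;
    if (!nul) return RX_TRUNCATED;   /* input ended before the terminator */
    memcpy(dst, c->p, n);
    dst[n] = '\0';
    c->p += n + 1; c->left -= n + 1;
    return RX_OK;
}

enum rx_err rexec_parse(const unsigned char *buf, size_t len, struct rexec_req *r)
{
    struct cursor c = { buf, len };
    char digits[6];                  /* assumed: at most 5 decimal digits */
    enum rx_err e;
    if ((e = take_field(&c, digits, 5, RX_BAD_PORT)) != RX_OK) return e;
    r->port = 0;
    for (const char *d = digits; *d; d++) {
        if (*d < '0' || *d > '9') return RX_BAD_PORT;
        r->port = r->port * 10 + (unsigned)(*d - '0');
    }
    if (r->port > 65535) return RX_BAD_PORT;
    if ((e = take_field(&c, r->user, FIELD_MAX, RX_USER_TOO_LONG)) != RX_OK) return e;
    if ((e = take_field(&c, r->pass, FIELD_MAX, RX_PASS_TOO_LONG)) != RX_OK) return e;
    if (!memchr(c.p, 0, c.left)) return RX_TRUNCATED;  /* command needs its NUL */
    r->cmd = (const char *)c.p;
    return RX_OK;
}

int main(void) { struct rexec_req r; return rexec_parse(sample, sizeof sample, &r); }
```

The command length is left unchecked here because the page bounds it only by the system's argument list size.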
Except for the last one listed below,
all diagnostic messages are returned on the initial socket,
after which any network connections are closed.
An error is indicated by a leading byte with a value of
1 (0 is returned in step 7 above upon successful completion
of all the steps prior to the command execution).
.It Sy username too long
longer than 16 characters.
.It Sy password too long
The password is longer than 16 characters.
.It Sy command too long
The command line passed exceeds the size of the argument
list (as configured into the system).
.It Sy Login incorrect.
No password file entry for the user name existed.
.It Sy Password incorrect.
The wrong password was supplied.
.It Sy \&No remote directory.
to the home directory failed.
by the server failed.
.It Sy <shellname>: ...
The user's login shell could not be started.
This message is returned
on the connection associated with the
and is not preceded by a flag byte.
A facility to allow all data and password exchanges to be encrypted should be