rlogind Daemon

Purpose

Provides the server function for the rlogin command.

Syntax

Note: The rlogind daemon is normally started by the inetd daemon. It can also be controlled from the command line, using SRC commands.

/usr/sbin/rlogind [ -a ] [ -c ] [ -l ] [ -n ] [ -s ]

Description

The /usr/sbin/rlogind daemon is the server for the rlogin remote login command. The server provides a remote login facility.

Changes to the rlogind daemon can be made using the System Management Interface Tool (SMIT) or System Resource Controller (SRC), by editing the /etc/inetd.conf or /etc/services file. Entering rlogind at the command line is not recommended. The rlogind daemon is started by default when it is uncommented in the /etc/inetd.conf file.

The rlogind daemon ignores unrecognized options and logs this information through the syslog service if the syslog service is enabled in the system.

The inetd daemon gets its information from the /etc/inetd.conf file and the /etc/services file.

After changing the /etc/inetd.conf or /etc/services file, run the refresh -s inetd or kill -1 InetdPID command to inform the inetd daemon of the changes to its configuration file.

Service Request Protocol

When the rlogind daemon receives a service request, the daemon initiates the following protocol:

  1. The rlogind daemon checks the source port number for the request. If the port number is not in the range 512-1023, the rlogind daemon terminates the connection.
  2. The rlogind daemon uses the source address of the initial connection request to determine the name of the client host. If the name cannot be determined, the rlogind daemon uses the dotted-decimal representation of the client host address.

Error Messages

The following error messages are associated with the rlogind daemon:

Item                        Description
Try again.                  A fork command made by the server has failed.
/usr/bin/shell: No shell.   The shell specified for the shell variable cannot be started. The shell variable may also be a program.

Flags

Item   Description
-a     Disables pty speed enhancement feature.
-c     Suppresses the sanity check of a host name lookup.
-l     Prevents any authentication based on the user's $HOME/.rhosts file. However, a root user is automatically logged in when there is a .rhosts file in root's home directory as specified by the /etc/passwd file.
-n     Disables transport-level keep-alive messages. The messages are enabled by default.
-s     Turns on socket level debugging.

Security

The rlogind daemon is a PAM-enabled application with a service name of rlogin. System-wide configuration to use PAM for authentication is set by modifying the value of the auth_type attribute, in the usw stanza of /etc/security/login.cfg, to PAM_AUTH as the root user.

The authentication mechanisms used when PAM is enabled depend on the configuration for the rlogin service in /etc/pam.conf. The rlogind daemon requires /etc/pam.conf entries for the auth, account, password, and session module types. Listed below is a recommended configuration in /etc/pam.conf for the rlogin service:
#
# AIX rlogin configuration
#
rlogin auth      sufficient   /usr/lib/security/pam_rhosts_auth
rlogin auth      required     /usr/lib/security/pam_aix

rlogin account   required     /usr/lib/security/pam_aix

rlogin password  required     /usr/lib/security/pam_aix

rlogin session   required     /usr/lib/security/pam_aix
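
The following is an added example, not part of the AIX documentation: a shell audit that checks copies of /etc/inetd.conf and /etc/pam.conf for an enabled rlogind entry, the four required PAM module types, and whether pam_rhosts_auth is marked sufficient. The inetd.conf field layout, the sample file contents and the function names are assumptions made for the example.

```shell
# Added example, not from the AIX documentation: audit copies of inetd.conf
# and pam.conf for rlogind exposure.

# Print the flags of an uncommented rlogind entry; return 1 if there is none.
# Assumed inetd.conf layout: server path in field 6, argv[0] in 7, flags from 8.
rlogind_flags() {
    awk '$1 !~ /^#/ && $6 == "/usr/sbin/rlogind" {
             for (i = 8; i <= NF; i++) out = out (out ? " " : "") $i
             print out; found = 1; exit
         }
         END { exit found ? 0 : 1 }' "$1"
}

# Print the module types rlogind requires that have no rlogin entry.
pam_missing_types() {
    awk '$1 == "rlogin" { seen[$2] = 1 }
         END { n = split("auth account password session", want, " ")
               for (i = 1; i <= n; i++)
                   if (!(want[i] in seen)) out = out (out ? " " : "") want[i]
               print out }' "$1"
}

# Succeed if pam_rhosts_auth is a "sufficient" auth module for rlogin, so a
# matching .rhosts entry completes authentication without pam_aix running.
pam_rhosts_sufficient() {
    awk '$1 == "rlogin" && $2 == "auth" && $3 == "sufficient" &&
         $4 ~ /pam_rhosts_auth$/ { ok = 1 } END { exit ok ? 0 : 1 }' "$1"
}

# Constructed sample files (the password entry is deliberately left out).
tmp=$(mktemp -d)
cat > "$tmp/inetd.conf" <<'EOF'
#shell  stream  tcp6  nowait  root  /usr/sbin/rshd     rshd
login   stream  tcp6  nowait  root  /usr/sbin/rlogind  rlogind -n
EOF
cat > "$tmp/pam.conf" <<'EOF'
rlogin auth     sufficient  /usr/lib/security/pam_rhosts_auth
rlogin auth     required    /usr/lib/security/pam_aix
rlogin account  required    /usr/lib/security/pam_aix
rlogin session  required    /usr/lib/security/pam_aix
EOF

if flags=$(rlogind_flags "$tmp/inetd.conf"); then
    echo "rlogind enabled, flags: ${flags:-none}"
    echo "missing PAM types: $(pam_missing_types "$tmp/pam.conf")"
    pam_rhosts_sufficient "$tmp/pam.conf" && echo ".rhosts trust satisfies auth"
fi
```

Point the three functions at copies of the real files to run the same checks on a live system's configuration.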

Examples

Note: The arguments for the rlogind daemon can be specified by using SMIT or by editing the /etc/inetd.conf file.

  1. To start the rlogind daemon, enter the following:
    startsrc -t rlogin
    This command starts the rlogind subserver.
  2. To stop the rlogind daemon normally, enter the following:
    stopsrc -t rlogin
    This command allows all pending connections to start and existing connections to complete but prevents new connections from starting.
  3. To force stop the rlogind daemon and all rlogind connections, enter the following:
    stopsrc -f -t rlogin
    This command terminates all pending connections and existing connections immediately.
  4. To display a short status report about the rlogind daemon, enter the following:
    lssrc -t rlogin
    This command returns the daemon's name, process ID, and state (active or inactive).