Skip site navigation (1)Skip section navigation (2)

FreeBSD Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help
REXECD(8)		FreeBSD	System Manager's Manual		     REXECD(8)

NAME
     rexecd -- remote execution	server

SYNOPSIS
     rexecd [-i]

DESCRIPTION
     Rexecd is the server for the rexec(3) routine.  The server	provides
     remote execution facilities with authentication based on user names and
     passwords.

     Rexecd listens for	service	requests at the	port indicated in the ``exec''
     service specification; see	services(5).  When a service request is
     received the following protocol is	initiated:

     1.	  The server reads characters from the socket up to a NUL (`\0') byte.
	  The resultant	string is interpreted as an ASCII number, base 10.

     2.	  If the number	received in step 1 is non-zero,	it is interpreted as
	  the port number of a secondary stream	to be used for the stderr.  A
	  second connection is then created to the specified port on the
	  client's machine.

     3.	  A NUL	terminated user	name of	at most	16 characters is retrieved on
	  the initial socket.

     4.	  A NUL	terminated, unencrypted	password of at most 16 characters is
	  retrieved on the initial socket.

     5.	  A NUL	terminated command to be passed	to a shell is retrieved	on the
	  initial socket.  The length of the command is	limited	by the upper
	  bound	on the size of the system's argument list.

     6.	  Rexecd then validates	the user as is done at login time and, if the
	  authentication was successful, changes to the	user's home directory,
	  and establishes the user and group protections of the	user.  If any
	  of these steps fail the connection is	aborted	with a diagnostic mes-
	  sage returned.

     7.	  A NUL	byte is	returned on the	initial	socket and the command line is
	  passed to the	normal login shell of the user.	 The shell inherits
	  the network connections established by rexecd.

CAVEATS
     Rexecd will not allow root	logins unless the -i option is given on	the
     command line (typically in	/etc/inetd.conf).  It will also	disallow
     access for	users listed in	/etc/ftpusers, or users	with no	passwords,
     which were	all serious security holes.  The entire	concept	of rexec/rex-
     ecd is a major security hole and an example of how	not to do things.
     Rexecd is disabled	by default in /etc/inetd.conf.

DIAGNOSTICS
     Except for	the last one listed below, all diagnostic messages are
     returned on the initial socket, after which any network connections are
     closed.  An error is indicated by a leading byte with a value of 1	(0 is
     returned in step 7	above upon successful completion of all	the steps
     prior to the command execution).

     username too long
	     The name is longer	than 16	characters.

     password too long
	     The password is longer than 16 characters.

     command too long
	     The command line passed exceeds the size of the argument list (as
	     configured	into the system).

     Login incorrect.
	     No	password file entry for	the user name existed.

     Password incorrect.
	     The wrong password	was supplied.

     No	remote directory.
	     The chdir command to the home directory failed.

     Try again.
	     A fork(2) by the server failed.

     <shellname>: ...
	     The user's	login shell could not be started.  This	message	is
	     returned on the connection	associated with	the stderr, and	is not
	     preceded by a flag	byte.

SEE ALSO
     rexec(3)

BUGS
     A facility	to allow all data and password exchanges to be encrypted
     should be present.

HISTORY
     The rexecd	command	appeared in 4.2BSD.

FreeBSD	10.1		      September	23, 1994		  FreeBSD 10.1

NAME | SYNOPSIS | DESCRIPTION | CAVEATS | DIAGNOSTICS | SEE ALSO | BUGS | HISTORY

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=rexecd&sektion=8&manpath=FreeBSD+4.7-RELEASE>

home | help