Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
REXECD(8)		  BSD System Manager's Manual		     REXECD(8)

NAME
     rexecd -- remote execution	server

SYNOPSIS
     rexecd

DESCRIPTION
     rexecd is the server for the rexec(3) routine.  The server	provides re-
     mote execution facilities with authentication based on user names and
     passwords.

     rexecd listens for	service	requests at the	port indicated in the ``exec''
     service specification; see	services(5).  When a service request is	re-
     ceived the	following protocol is initiated:

     1.	  The server reads characters from the socket up to a NUL (`\0') byte.
	  The resultant	string is interpreted as an ASCII number, base 10.

     2.	  If the number	received in step 1 is non-zero,	it is interpreted as
	  the port number of a secondary stream	to be used for the stderr.  A
	  second connection is then created to the specified port on the
	  client's machine.

     3.	  A NUL	terminated user	name of	at most	16 characters is retrieved on
	  the initial socket.

     4.	  A NUL	terminated, unencrypted	password of at most 16 characters is
	  retrieved on the initial socket.

     5.	  A NUL	terminated command to be passed	to a shell is retrieved	on the
	  initial socket.  The length of the command is	limited	by the upper
	  bound	on the size of the system's argument list.

     6.	  rexecd then validates	the user as is done at login time and, if the
	  authentication was successful, changes to the	user's home directory,
	  and establishes the user and group protections of the	user.  If any
	  of these steps fail the connection is	aborted	with a diagnostic mes-
	  sage returned.

     7.	  A NUL	byte is	returned on the	initial	socket and the command line is
	  passed to the	normal login shell of the user.	 The shell inherits
	  the network connections established by rexecd.

DIAGNOSTICS
     Except for	the last one listed below, all diagnostic messages are re-
     turned on the initial socket, after which any network connections are
     closed.  An error is indicated by a leading byte with a value of 1	(0 is
     returned in step 7	above upon successful completion of all	the steps
     prior to the command execution).

     username too long
	     The name is longer	than 16	characters.

     password too long
	     The password is longer than 16 characters.

     command too long
	     The command line passed exceeds the size of the argument list (as
	     configured	into the system).

     Login incorrect.
	     No	password file entry for	the user name existed.

     Password incorrect.
	     The wrong password	was supplied.

     No	remote directory.
	     The chdir(2) to the home directory	failed.

     Try again.
	     A fork(2) by the server failed.

     <shellname>: ...
	     The user's	login shell could not be started.  This	message	is re-
	     turned on the connection associated with the stderr, and is not
	     preceded by a flag	byte.

SEE ALSO
     rexec(3)

HISTORY
     The rexecd	command	appeared in 4.2BSD.

BUGS
     Indicating	``Login	incorrect'' as opposed to ``Password incorrect'' is a
     security breach which allows people to probe a system for users with null
     passwords.

     A facility	to allow all data and password exchanges to be encrypted
     should be present.

SECURITY CONSIDERATIONS
     As	the passwords exchanged	by the client and rexecd are not encrypted, it
     is	strongly recommended that this service is not enabled.

BSD				 June 1, 1994				   BSD

NAME | SYNOPSIS | DESCRIPTION | DIAGNOSTICS | SEE ALSO | HISTORY | BUGS | SECURITY CONSIDERATIONS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=rexecd&sektion=8&manpath=NetBSD+6.0>

home | help