Berkeley r-commands
==Security==
Those r-commands which involve user authentication ({{code|rcp}}, {{code|rexec}}, {{code|rlogin}}, and {{code|rsh}}) share several serious security vulnerabilities:
* All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
* The {{code|.rlogin}} (or {{code|.rhosts}}) file is easy to misuse. These files are designed to allow logins without a [[password]], but their reliance on remote usernames, hostnames, and IP addresses is exploitable. For this reason many corporate system administrators prohibit {{code|.rhosts}} files, and actively scrutinize their networks for offenders.
* The protocol partly relies on the remote party's {{code|rlogin}} client to provide information honestly, including source port and source host name. A malicious client can forge this and gain access, as the {{code|rlogin}} protocol has no means of [[Authentication|authenticating]] that the client is running on a trusted machine. It also cannot check whether the requesting client on a trusted machine is the real {{code|rlogin}} client, meaning that malicious programs may pretend to be a standard-conforming {{code|rlogin}} client by using the same protocols.
* The common practice of mounting users' home directories via [[Network File System]] exposes rlogin to attack by means of fake {{code|.rhosts}} files; this means that any of NFS's security faults automatically plague {{code|rlogin}}.

Due to these problems, the r-commands fell into relative disuse (with many Unix and [[Linux]] distributions no longer including them by default).
Many networks that formerly relied on {{code|rlogin}} and {{code|telnet}} have replaced them with [[Secure shell|SSH]] and its {{code|rlogin}}-equivalent {{code|slogin}}.<ref name="Sobell">{{cite book|last=Sobell|first=Mark|title=A Practical Guide to Linux Commands, Editors, and Shell Programming|isbn=978-0-13-136736-4|date=2010|publisher=Pearson Education, Inc}}</ref><ref name="iu">{{cite web|title=Unix job control command list|publisher=Indiana University|url=https://kb.iu.edu/d/afnw|accessdate=20 December 2014}}</ref>
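
Administrators who scrutinize their networks for {{code|.rhosts}} files, as described above, can triage what each file grants. The following is an added example, not part of the original article; the sample file content, the function names, the severity labels, and the treatment of <code>#</code> lines as comments are assumptions made for illustration.

```python
import os
import stat

# Constructed sample .rhosts content (not from any real system).
SAMPLE_RHOSTS = """\
# build hosts
build01.example.com alice
10.0.0.5
+ +
+@admins bob
-lab.example.com
backup.example.com +
"""

def audit_rhosts(text):
    """Return (line_no, severity, reason) for every entry that grants trust."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        # Assumption: blank lines and lines starting with '#' carry no entry.
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else ""
        if host.startswith("-") or user.startswith("-"):
            continue  # negative entry: denies instead of granting trust
        if host == "+" or user == "+":
            findings.append((no, "critical", "wildcard trusts any host or any user"))
        elif host.startswith("+@") or user.startswith("+@"):
            findings.append((no, "high", "netgroup trust, membership defined elsewhere"))
        else:
            findings.append((no, "high", "passwordless trust based on remote host and username"))
    return findings

def audit_file(path):
    """Audit one .rhosts file on disk; line 0 marks a finding about the file itself."""
    mode = os.stat(path).st_mode
    with open(path, encoding="utf-8", errors="replace") as fh:
        findings = audit_rhosts(fh.read())
    # A file others can write to can be rewritten by someone other than its owner.
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append((0, "critical", "file is writable by group or others"))
    return findings

if __name__ == "__main__":
    for no, severity, reason in audit_rhosts(SAMPLE_RHOSTS):
        print(f"line {no}: {severity}: {reason}")
```

Where policy prohibits {{code|.rhosts}} files outright, any non-empty result is a violation; the severity only orders the cleanup.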