Penguin
Annotated edit history of telnetd(8) version 2, including all changes. View license author blame.
Rev Author # Line
1 perry 1 ----
2 __NAME__
3
4
5 telnetd - DARPA telnet protocol
6 server
7 __SYNOPSIS__
8
9
10 /usr/sbin/in.telnetd [[-hns] [[-a authmode] [[-D debugmode] [[-L
11 loginprg] [[-S tos] [[-X authtype] [[-edebug] [[-debug
12 port]
13 __DESCRIPTION__
14
15
16 The telnetd program is a server which supports the
17 DARPA telnet interactive communication
18 protocol. Telnetd is nor- mally invoked by the internet
19 server (see inetd(8)) for requests to connect to
20 the telnet port as indicated by the
21 /etc/services file (see services(5)). The
22 -debug option may be used to start up telnetd manually,
23 instead of through inetd(8). If started up this
24 way, port may be specified to run telnetd on an alternate
25 TCP port number.
26
27
28 The telnetd program accepts the following options:
29 -a authmode
30
31
32 This option may be used for specifying what modeshould be used for authentication. Note thatthis option is only useful if telnetd has beencompiled with support for authentication, whichis not available in the current version. Thefollowing values of authmode are understood: debug Turns on authentication debugging code. user Only allow connections when the remoteuser can provide valid authenticationinformation to identify the remote user,and is allowed access to the specifiedaccount without providing a password. valid Only allow connections when the remoteuser can provide valid authenticationinformation to identify the remote user.The login(1) command will provide any additional user verification needed if the remote user is not allowed automatic access to the specified account.
33
34
35 other
36 Only allow connections that supply some authentication
37 information. This option is currently not supported by any
38 of the existing authentication mechanisms, and is thus the
39 same as specifying valid.
40
41
42 none
43 This is the default state. Authentication information is not
44 required. If no or insufficient authentication information
45 is provided, then the login(1) program will provide
46 the necessary user verification.
47
48
49 off
50 This disables the authentication code. All user verification
51 will happen through the login(1)
52 program.
53
54
55 -D debugmode
56 This option may be used for debugging purposes. This allows
57 telnetd to print out debugging information to the
58 connection, allowing the user to see what telnetd is doing.
59 There are several possible values for
60 debugmode:
61
62
63 options
64 Prints information about the negotia- tion of
65 telnet options.
66
67
68 report
69 Prints the options information, plus some additional
70 information about what processing is going on.
71
72
73 netdata
74 Displays the data stream received by telnetd.
75
76
77 ptydata
78 Displays data written to the pty.
79
80
81 exercise
82 Has not been implemented yet.
83
84
85 -edebug
86 If telnetd has been compiled with support for encryption,
87 then the -edebug option may be used to enable encryption
88 debugging code.
89
90
91 -h
92 Disables the printing of host-specific informa- tion before
93 login has been completed.
94
95
96 -L loginprg
97 This option may be used to specify a different login
98 program. By default, /usr/sbin/telnetlogin is
99 used.
100
101
102 -n
103 Disable TCP keep-alives. Normally telnetd enables
104 the TCP keep-alive mechanism to probe
105 connections that have been idle for some period of time to
106 determine if the client is still there, so that idle
107 connections from machines that have crashed or can no longer
108 be reached may be cleaned up.
109
110
111 -s
112 This option is only enabled if telnetd is com- piled with
113 support for SecurID cards. It causes the -s
114 option to be passed on to login(1), and thus is
115 only useful if login(1) supports the -s flag to
116 indicate that only SecurID validated logins
117 are allowed. This is usually useful for controlling remote
118 logins from outside of a firewall.
119
120
121 -S tos
122 Sets the IP type-of-service (TOS) option for the telnet
123 connection to the value tos.
124
125
126 -X authtype
127 This option is only valid if telnetd has been built with
128 support for the authentication option. It disables the use
129 of authtype authen- tication, and can be used to temporarily
130 disable a specific authentication type without having to
131 recompile telnetd.
132
133
134 If the file /etc/issue.net is present, telnetd will
135 display its contents before the login prompt of a telnet
136 session (see issue.net(5)).
137
138
139 Telnetd operates by allocating a pseudo-terminal device (see
140 pty(4)) for a client, then creating a login process
141 which has the slave side of the pseudo-terminal as
142 stdin, stdout, and stderr.
143 Telnetd manipulates the master side of the pseudo-terminal,
144 implementing the telnet protocol and pass-
145 ing characters between the remote client and the login pro-
146 cess.
147
148
149 When a telnet session is started up, telnetd
150 sends telnet options to the client side
151 indicating a willingness to do the following
152 telnet options, which are described in more
153 detail below:
154
155
156 DO AUTHENTICATION
157 WILL ENCRYPT
158 DO TERMINAL TYPE
159 DO TSPEED
160 DO XDISPLOC
161 DO NEW-ENVIRON
162 DO ENVIRON
163 WILL SUPPRESS GO AHEAD
164 DO ECHO
165 DO LINEMODE
166 DO NAWS
167 WILL STATUS
168 DO LFLOW
169 DO TIMING-MARK
170 The pseudo-terminal allocated to the client is configured to operate in cooked mode, and with XTABS CRMOD enabled (see tty(4)).
171
172
173 Telnetd has support for enabling locally the following
174 telnet options:
175 WILL ECHO When the LINEMODE
176 option is enabled, a WILL ECHO or WONT
177 ECHO will be sent to the client to indicate the current
178 state of terminal echoing. When terminal echo is not
179 desired, a WILL ECHO is sent to indi- cate that
180 telnetd will take care of echo- ing any data
181 that needs to be echoed to the terminal, and then nothing is
182 echoed. When terminal echo is desired, a WONT ECHO
183 is sent to indicate that telnetd will not be
184 doing any terminal echoing, so the client should do any
185 terminal echoing that is needed.
186
187
188 WILL BINARY
189 Indicates that the client is willing to send a 8 bits of data, rather than the normal 7 bits of the Network Virtual Ter- minal.
190
191
192 WILL SGA
193 Indicates that it will not be sending IAC GA, go
194 ahead, commands.
195
196
197 WILL STATUS
198 Indicates a willingness to send the client, upon request, of
199 the current sta- tus of all TELNET
200 options.
201
202
203 WILL TIMING-MARK
204 Whenever a DO TIMING-MARK command is received, it
205 is always responded to with a WILL
206 TIMING-MARK
207
208
209 WILL LOGOUT
210 When a DO LOGOUT is received, a WILL
211 LOGOUT is sent in response, and the
212 TELNET session is shut down.
213
214
215 WILL ENCRYPT
216 Only sent if telnetd is compiled with sup- port for data
217 encryption, and indicates a willingness to decrypt the data
218 stream.
219
220
221 Telnetd has support for enabling remotely the following
222 TELNET options:
223
224
225 DO BINARY Sent to indicate that telnetd is
226 willing to receive an 8 bit data stream.
227
228
229 DO LFLOW
230 Requests that the client handle flow con- trol characters
231 remotely.
232
233
234 DO ECHO
235 This is not really supported, but is sent to identify a
236 4.2BSD telnet(1) client, which will improperly
237 respond with WILL ECHO. If a WILL ECHO is
238 received, a DONT ECHO will be sent in
239 response.
240
241
242 DO TERMINAL-TYPE
243 Indicates a desire to be able to request the name of the
244 type of terminal that is attached to the client side of the
245 connec- tion.
246
247
248 DO SGA
249 Indicates that it does not need to receive IAC GA,
250 the go ahead command.
251
252
253 DO NAWS
254 Requests that the client inform the server when the window
255 (display) size changes.
256
257
258 DO TERMINAL-SPEED
259 Indicates a desire to be able to request information about
260 the speed of the serial line to which the client is
261 attached.
262
263
264 DO XDISPLOC
265 Indicates a desire to be able to request the name of the X
266 windows display that is associated with the telnet
267 client.
268
269
270 DO NEW-ENVIRON
271 Indicates a desire to be able to request environment
272 variable information, as described in RFC 1572.
273
274
275 DO ENVIRON
276 Indicates a desire to be able to request environment
277 variable information, as described in RFC 1408.
278
279
280 DO LINEMODE
281 Only sent if telnetd is compiled with sup- port for
282 linemode, and requests that the client do line by line
283 processing.
284
285
286 DO TIMING-MARK
287 Only sent if telnetd is compiled with sup- port for both
288 linemode and kludge linemode, and the client responded with
289 WONT LINEMODE. If the client responds with WILL
290 TM, the it is assumed that the client supports kludge
291 linemode. Note that the [[-k] option can be used to disable
292 this.
293
294
295 DO AUTHENTICATION
296 Only sent if telnetd is compiled with sup- port for
297 authentication, and indicates a willingness to receive
298 authentication information for automatic login.
299
300
301 DO ENCRYPT
302 Only sent if telnetd is compiled with sup- port for data
303 encryption, and indicates a willingness to decrypt the data
304 stream. issue.net(5)).
305
306
307 __FILES__
308
309
310 /etc/services, /etc/issue.net
311 __SEE ALSO__
312
313
314 telnet(1), login(1),
315 issue.net(5),
316 __STANDARDS__
317 RFC-854
318
319
320 TELNET PROTOCOL SPECIFICATIONRFC-855TELNET OPTION SPECIFICATIONSRFC-856TELNET BINARY TRANSMISSIONRFC-857TELNET ECHO OPTIONRFC-858TELNET SUPPRESS GO AHEAD OPTIONRFC-859TELNET STATUS OPTIONRFC-860TELNET TIMING MARK OPTIONRFC-861TELNET EXTENDED OPTIONS - LIST OPTIONRFC-885TELNET END OF RECORD OPTIONRFC-1073Telnet Window Size OptionRFC-1079Telnet Terminal Speed OptionRFC-1091Telnet Terminal-Type OptionRFC-1096Telnet X Display Location OptionRFC-1123Requirements for Internet Hosts -- Application andSupportRFC-1184Telnet Linemode OptionRFC-1372Telnet Remote Flow Control OptionRFC-1416Telnet Authentication OptionRFC-1411Telnet Authentication: Kerberos Version 4RFC-1412Telnet Authentication: SPXRFC-1571Telnet Environment Option Interoperability IssuesRFC-1572Telnet Environment Option__BUGS__
321
322
323 Some TELNET commands are only partially
324 implemented.
325
326
327 Because of bugs in the original 4.2 BSD telnet(1),
328 telnetd performs some dubious protocol exchanges to try to
329 discover if the remote client is, in fact, a 4.2 BSD
330 telnet(1).
331
332
333 Binary mode has no common interpretation except between sim-
334 ilar operating systems (Unix in this case).
335
336
337 The terminal type name received from the remote client is
338 converted to lower case.
339
340
341 Telnetd never sends TELNET IAC GA
342 (go ahead) commands.
343
344
345 The source code is not comprehensible.
346
347
2 perry 348 Linux !NetKit (0.17) December 29, 1996 1
1 perry 349 ----
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.