Home > Rlogin

rlogin is most commonly deployed on corporate or academic networks, where user account information is shared between all the unix machines on the network (often using NISThe Network Information Service or NIS is Sun Microsystems' " Yellow Pages" (YP) client-server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network. NIS/YP is used for ke). These deployments essentially trust most other machines (and the network infrastructure itself) and the rlogin protocol relies on this trust. rlogind allows logins without password (where rlogind trusts a remote rlogin client) if the remote host appears in the /etc/hosts.equiv file, or if the user in question has a .rhosts file in their home directoryOn Unix systems, a home directory (sometimes called a home folder is a path on the local file system where a user's personal files are stored. Typically this includes configuration files (usually hidden, i. starting with a ". documents, locally installed (which is frequently shared using NFSNetwork File System NFS is a protocol originally developed by Sun Microsystems in 1984 and defined in RFCs 1094, 1813, (3010) and 3530, as a file system which allows a computer to access files over a network as easily as if they were on its local disks.).

rlogin has several serious security problems:

• All information, including passwords, is transmitted unencrypted (making it vulnerable to interception).
• The .rlogin (or .rhosts) file is easy to misuse (potentially allowing anyone to login without a password) - for this reason many corporate system administrators prohibit .rlogin files and actively search their networks for offenders.
• The protocol partly relies on the remote party's rlogin client providing information honestly (including source port and source host name). A corrupt client is thus able to forge this and gain access, as the rlogin protocol has no means of authenticating other machines' identities, or ensuring that the rlogin client on a trusted machine is the real rlogin client.
• The common practice of mounting users' home directories via NFS exposes rlogin to attack by means of fake .rhosts files - this means that any of NFS' (legion) security faults automatically plague rlogin.

Due to these serious problems rlogin was rarely used across untrusted networks (like the public internet) and even in closed deployments it has fallen into relative disuse (with many Unix and LinuxThis article is about Linux-based operating systems, GNU/Linux, and related topics. See Linux kernel for the kernel itself. See Linux (washing powder) for the Swiss brand of washing powder. Tux, a plump penguin, is the official Linux mascot Linux is the n distributions no longer including it by default). Many networks which formerly relied on rlogin and telnet have replaced it with SSHIn computing, Secure shell or SSH is both a computer program and an associated network protocol designed for logging into and executing commands on a remote computer. It is intended to replace the earlier rlogin, telnet and rsh protocols, and provides sec and its rlogin-equivalent slogin.

The original Berkeley package which provides rlogin also features rcp (remote-copy, allowing files to be copied over the network) and rsh (remote-shell, allowing commands to be run on a remote machine without the user logging into it). These share the hosts.equiv and .rhosts access-control scheme (although they connect to a different daemon, rshd), and as such suffer from the same security problems. The ssh suite contains suitable replacements for both: scp replaces rcp, and ssh itself replaces both rlogin and rsh.