rpc.rexd(1M)
NAME
rpc.rexd, rexd - RPC-based remote execution server
SYNOPSIS
/usr/sbin/rpc.rexd [-s]
DESCRIPTION
rpc.rexd is the Sun RPC server for remote program execution.
This daemon is started by inetd(1M) whenever a remote execu-
tion request is made.
For non-interactive programs, the standard file descriptors
are connected directly to TCP connections. Interactive pro-
grams involve pseudo-terminals, in a fashion that is similar
to the login sessions provided by rlogin(1). This daemon may
use NFS to mount file systems specified in the remote execu-
tion request.
OPTIONS
The following options are supported:
-s Secure. When specified, requests must have valid DES
credentials. If the request does not have a DES
credential it is rejected. The default publickey
credential is rejected. Only newer on(1) commands send
DES credentials.
If access is denied with an authentication error, you
may have to set your publickey with the chkey(1) com-
mand.
Specifying the -s option without presenting secure
credentials will result in an error message: Unix too
weak auth (DesONly)!
SECURITY
rpc.rexd uses pam(3PAM) for account and session management.
The PAM configuration policy, listed through /etc/pam.conf,
specifies the modules to be used for rpc.rexd. Here is a
partial pam.conf file with rpc.rexd entries for account and
session management using the UNIX module.
rpc.rexd account requisite pam_roles.so.1
rpc.rexd account required pam_projects.so.1
rpc.rexd account required pam_unix_account.so.1
rpc.rexd session required pam_unix_session.so.1
If there are no entries for the rpc.rexd service, then the
entries for the "other" service will be used. rpc.rexd uses
the getpwuid() call to determine whether the given user is a
legal user.
FILES
/dev/ptsn
Pseudo-terminals used for interactive mode
/etc/passwd
Authorized users
/tmp_rex/rexd??????
Temporary mount points for remote file systems
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWnisu |
|_____________________________|_____________________________|
SEE ALSO
chkey(1), on(1), rlogin(1), inetd(1M), pam(3PAM),
inetd.conf(4), pam.conf(4), publickey(4), attributes(5),
pam_authtok_check(5), pam_authtok_get(5),
pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),
pam_unix(5), pam_unix_account(5), pam_unix_auth(5),
pam_unix_session(5)
DIAGNOSTICS
Diagnostic messages are normally printed on the console, and
returned to the requestor.
NOTES
Root cannot execute commands using rexd client programs such
as on(1).
The pam_unix(5) module might not be supported in a future
release. Similar functionality is provided by
pam_authtok_check(5), pam_authtok_get(5),
pam_authtok_store(5), pam_dhkeys(5), pam_passwd_auth(5),
pam_unix_account(5), pam_unix_auth(5), and
pam_unix_session(5).
Man(1) output converted with
man2html