rpc.rexd(1M)




NAME

     rpc.rexd, rexd - RPC-based remote execution server


SYNOPSIS

     /usr/sbin/rpc.rexd [-s]


DESCRIPTION

     rpc.rexd is the Sun RPC server for remote program execution.
     This daemon is started by inetd(1M) whenever a remote execu-
     tion request is made.

     For non-interactive programs, the standard file  descriptors
     are  connected directly to TCP connections. Interactive pro-
     grams involve pseudo-terminals, in a fashion that is similar
     to the login sessions provided by rlogin(1). This daemon may
     use NFS to mount file systems specified in the remote execu-
     tion request.


OPTIONS

     The following options are supported:

     -s    Secure. When specified, requests must have  valid  DES
           credentials.  If  the  request  does  not  have  a DES
           credential  it  is  rejected.  The  default  publickey
           credential is rejected. Only newer on(1) commands send
           DES credentials.

           If access is denied with an authentication error,  you
           may  have to set your publickey with the chkey(1) com-
           mand.

           Specifying the -s  option  without  presenting  secure
           credentials  will result in an error message: Unix too
           weak auth (DesONly)!


SECURITY

     rpc.rexd uses pam(3PAM) for account and session  management.
     The  PAM configuration policy, listed through /etc/pam.conf,
     specifies the modules to be used for  rpc.rexd.  Here  is  a
     partial  pam.conf file with rpc.rexd entries for account and
     session management using the UNIX module.

     rpc.rexd   account requisite       pam_roles.so.1
     rpc.rexd   account required        pam_projects.so.1
     rpc.rexd   account required        pam_unix_account.so.1

     rpc.rexd      session required      pam_unix_session.so.1

     If there are no entries for the rpc.rexd service,  then  the
     entries  for the "other" service will be used. rpc.rexd uses
     the getpwuid() call to determine whether the given user is a
     legal user.


FILES

     /dev/ptsn
           Pseudo-terminals used for interactive mode

     /etc/passwd
           Authorized users

     /tmp_rex/rexd??????
           Temporary mount points for remote file systems


ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-
     butes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWnisu                    |
    |_____________________________|_____________________________|


SEE ALSO

     chkey(1),   on(1),    rlogin(1),    inetd(1M),    pam(3PAM),
     inetd.conf(4),   pam.conf(4),  publickey(4),  attributes(5),
     pam_authtok_check(5),                    pam_authtok_get(5),
     pam_authtok_store(5),   pam_dhkeys(5),   pam_passwd_auth(5),
     pam_unix(5),     pam_unix_account(5),      pam_unix_auth(5),
     pam_unix_session(5)


DIAGNOSTICS

     Diagnostic messages are normally printed on the console, and
     returned to the requestor.


NOTES

     Root cannot execute commands using rexd client programs such
     as on(1).

     The pam_unix(5) module might not be supported  in  a  future
     release.    Similar    functionality    is    provided    by
     pam_authtok_check(5),                    pam_authtok_get(5),
     pam_authtok_store(5),   pam_dhkeys(5),   pam_passwd_auth(5),
     pam_unix_account(5),          pam_unix_auth(5),          and
     pam_unix_session(5).


Man(1) output converted with man2html