The remote login, and rlogin, allows a computer user to log on a remote computer over a network (eg, Internet or intranet ) to use this without having to be at the location of the device must.
The authentication is done via a user ID and a password on the remote host and the source port (host- based authentication, configurable via a global or local rhosts file ) or via Kerberos. The source port in host-based authentication must be in the privileged port range ( 1-1023 ).
Rlogin is problematic because of its poor safety records. When using the password - based authentication for both the username and password as well as the entire session content is transmitted unencrypted and can - depending on the type of network - are recorded from other computers. Even when host-based authentication of the entire session content is transmitted unencrypted. In addition, each compromising a network computer, which the rhost file classifies as trustworthy, to bypass the authentication because from there the attacker then to establish a connection from a privileged port with any user name (and not only with its locally authenticated ) leads can. When using Kerberos authentication is transferred securely and encrypted performed depending on the configuration of the session content.