Remote login is the ability to use another computer on the Internet or a TCP/IP network as if you were sitting at it. Researchers use remote login to access supercomputers. Libraries use it to check remote online library catalogs. Individuals can even use it to order CDs—compact discs, not Certificates of Deposit. :-)
This chapter talks about Telnet, TN3270, and rlogin. All three of these programs are used to remotely log in to other computers. Each serves a slightly different purpose, although Telnet is the most widely used. Telnet is available on almost any platform in existence. TN3270 is also very common, although it is not always available. The rlogin program is primarily available on UNIX and VMS machines, although it does exist on some other platforms.
Telnet is a program that lets you communicate with another machine using the Telnet protocol. Suppose that you are in Texas and you want to run a program on a computer several hundred miles away in Virginia; if your local machine and the remote machine in Virginia are connected to the same network running TCP/IP or on the Internet, and you have an account on the remote machine in Virginia, you can remotely log in to that machine to run your program instead of traveling all the way to Virginia to complete your tasks.
Telnet allows you to log in to a remote machine and execute commands on the remote machine as if you were using the remote machine locally. The syntax of the UNIX version of Telnet is as follows:
telnet [host [port]]
In this syntax, host is the name or IP address of the machine you want to connect to; port is the port number of the remote machine. The default port is 23.
If you issue the following command at the UNIX prompt, you can connect to the machine jaring at port 23 in Malaysia:
% telnet jaring.my
Trying...
Connected to jaring.my.
Escape character is '^]'.
SunOS UNIX (jaring)
login:
If you have a valid user ID on that machine, you can enter your account name at the login prompt now.
If you type only telnet and press Enter at the UNIX prompt, you are in the command mode of Telnet:
% telnet
telnet>
Telnet waits for you to enter a command. All commands can be found in the Telnet help (enter either help or ?). Commands may be abbreviated. The result of the help command is shown in the following listing:
close Close current connection
display Display operating parameters
mode Try to enter line-by-line or character-at-a-time mode
open Connect to a site
quit Exit Telnet
send Transmit special characters
set Set operating parameters
status Print status information
toggle Toggle operating parameters
z Suspend Telnet
! Shell escape
? Print help information
To get more information on each command, use the following command in command mode:
command ?
In this syntax, command is the actual command name (for example, send, status, and so on).
In addition to getting help from within Telnet in command mode, you can display the UNIX man page for Telnet by issuing the command man telnet at the UNIX prompt.
Typing telnet cs.unt.edu at the UNIX prompt (normally a % or $) is the same as typing open cs.unt.edu in the Telnet command mode:
telnet> open cs.unt.edu
Trying...
Connected to ponder.csci.unt.edu.
Escape character is '^]'.
DYNIX(R) V3.1.4 (ponder)
login:
The open command opens a connection to the specified machine (in this case, to cs.unt.edu). For some machines, you can abbreviate open as o.
The line Connected to ponder.csci.unt.edu. indicates that you are connected to the machine ponder in the Computer Science department at the University of North Texas. You have probably noticed that the original address cs.unt.edu is different from the "connected to" address ponder.csci.unt.edu. In this case, both addresses refer to the same machine. You can find out more about it by typing nslookup cs.unt.edu on most UNIX machines (you will discover that cs.unt.edu is an alias of ponder.csci.unt.edu). Some Telnet clients show you the same address you entered instead of the original name of the alias.
At the login: prompt, type your user ID (the ID for your account on the remote machine). For example, to log in on cs.unt.edu as ooi, I type ooi. Then you see the Password: prompt. After entering the password, you are connected to ponder and you see the remote prompt:
@Ponder>>
You can now use the machine ponder as if you were logged in there locally. After you finish using that machine, enter logout or exit to log out from the remote machine.
As mentioned earlier, the default Telnet port is port 23. If you Telnet to a remote machine without specifying a port, you are connected to port 23, which is the standard port for an interactive login (that is, a login: prompt). However, you can also Telnet to other available ports on the machine if they are set up for something. For example, you can Telnet to port 2034 of camms2.caos.kun.nl to get the periodic table of elements:
% telnet camms2.caos.kun.nl 2034
Trying...
Connected to camms2.caos.kun.nl.
Escape character is '^]'.
(camms2) Ultrix 4.3:
The Electronic Periodic Table of the Elements
CAOS/CAMM Center, KUN, Nijmegen, NL. May 1993
Commands: {key} - {action}
a - Abbreviations Table n - Numbered Table
b - Basic Metric Units o - (future implement.)
c - Properties of Metals as Conductors p - Redraw Symbols Table
d - Documentation/ Reference Text q - (future implement.)
e - Periodic Table (Newlands, 1865) r - Radii,Ionic w states
f - Periodic Table (Medeleev, 1872) s - Show element groups
g - Draw Group Labels t - (future implement.)
h - Move left u - Show e-config. on PT
i - Information on specific element v - Visual Enhancement
j - Move down w - (future implement.)
k - Move up x - Exit/Quit
l - Move right y - (future implement.)
m - Metrix Prefixes z - (future implement.)
You can get a list of Telnet-accessible Internet sites compiled by Scott Yanoff from ftp://ftp.csd.uwm.edu/pub/inet.services.txt. This list has a lot of Internet sites to which you can Telnet for different purposes. In addition, refer to Chapter 29 of this book, "Opening Doors with Hytelnet," which covers Hytelnet, a software package that lists Telnet sites.
What do you do if your screen locks up when you are in a Telnet session? "Turn off the computer!" "No, kick it!" "No, reboot it!"
Sadly, none of these is the correct answer. You can always escape out instead of turning off your computer. Escape lets you get to command mode from the Telnet session. When you are in command mode, you can issue a quit or close command to terminate the Telnet session.
How do you get to command mode by escaping from the Telnet session? The escape character is usually Ctrl+] (sometimes represented as ^]; press and hold the Ctrl key and press the right bracket). When you first start your Telnet session, Telnet reminds you of the escape sequence:
% telnet cs.unt.edu
Trying...
Connected to ponder.csci.unt.edu.
Escape character is '^]'.
DYNIX(R) V3.1.4 (ponder)
login:
The line Escape character is '^]' lists the escape character you want to remember when you are stuck in a Telnet session. Simply press Ctrl+] to return to the command mode with the Telnet prompt:
telnet>
To quit the session, type quit or close at the telnet> prompt. Likewise, to return to the Telnet session, press Enter or Return (you go back to where you were before you pressed the escape sequence).
Telnet has some other useful commands in addition to quit, close, and open that you can use from command mode. The following sections describe a few of these commands.
Occasionally, you may want to Telnet from one machine to another, and then Telnet from the second machine to another machine. Before you Telnet to the second machine, issue the following command at the telnet> prompt:
set escape character
This command sets the escape character of the second Telnet session to something other than the original ^] escape character. If you don't set the escape character to something else for the second Telnet session, when you press Ctrl+], you return to the command mode of the first Telnet session.
The status command shows the current status of the Telnet session you are in:
telnet> status
Connected to ponder.csci.unt.edu.
Operating in character-at-a-time mode.
Escape character is '^]'.
In this example, the Telnet session is currently connected to ponder.csci.unt.edu, input mode is character-at-a-time mode (that is, Telnet sends a character at a time to the remote machine as you type), and the escape character is ^] (Ctrl+]).
If your shell supports job control (that is, if you can suspend and resume processes), you can use the z command. Typing z at the telnet> prompt lets you temporarily get out of the Telnet session and back to your local machine. When you "get back to your local machine," you see the prompt you normally do before you start Telnet. Type fg to bring the Telnet session back to the foreground.
Of course, these are not the only commands you can use in command mode. I will let you explore the rest. :-)
You cannot use Telnet to access an IBM mainframe or compatible machine unless the mainframe has a protocol converter. However, TN3270 is a full-screen, full-duplex 3270 emulation program that lets you access these types of machines. TN3270 is actually a version of Telnet that has been modified to emulate a 3270 terminal. In fact, some TN3270 programs act just like normal Telnet if you do not connect to an IBM mainframe.
If you try to connect to the IBM mainframe vm.acs.unt.edu (the University of North Texas VM machine) with Telnet, you get the following response:
%telnet vm.acs.unt.edu
Trying...
Connected to vm.acs.unt.edu.
Escape character is '^]'.
Connection closed by foreign host.
%
The mainframe refused to bring you to a 3270 mode with Telnet. However, if you use TN3270 to access that same machine, it negotiates nicely into 3270 emulation mode; it's just as if you were using a 3270 terminal connected to the mainframe:
%tn3270 vm.acs.unt.edu
VM/XA SP ONLINE
T H E C O M P U T I[]G C E[]T E R
UU UU NNN NN TTTTTTTTTT
UU UU NNNN NN TTTTTTTTTT
UU UU NN NN NN TT
UU UU NN NN NN TT
UUUUUUUUUUU NN NNNN TT
UUUUUUUUU NN NNN TT
R E L E A S E 2 . 1
Fill in your USERID and PASSWORD and press ENTER
(Your password will not appear when you type it)
USERID ===>
PASSWORD ===>
COMMAND ===>
RUNNING UNTVM1
TN3270 uses /etc/map3270 and your terminal type to determine what kind of key mapping it should use when connected to the mainframe. You can edit /etc/map3270 to make the keys work the way you want them to; if you do not have the root password to modify /etc/map3270, you can use mset to modify the key map. For more information, type man mset at the UNIX prompt.
By default, you quit a TN3270 session by pressing Ctrl+C and typing quit or close. Sometimes, however, system administrators want to make TN3270 work as much like Telnet as possible, and change the escape key from Ctrl+C to Telnet's Ctrl+] escape key.
The rlogin program is like Telnet in that it lets you log in to a remote machine from your local machine. Other than that basic similarity, there are many differences between rlogin and Telnet. Rlogin stands for remote login.
Rlogin allows you to remotely log in to an equivalent host without entering a user ID or password—if the remote host has the right information in either the /etc/hosts.equiv or .rhosts file. The .rhosts file must be in your account on the remote host; it can be owned by root or by you. The format of .rhosts is as follows:
hostname username
In this syntax, hostname can be your local hostname or the name of the machine you want to remotely log in from. The username is the same as your login name on the machine you remotely log in from. A + in either field means anything; for example, the following line in .rhosts means that user abc can remotely log in from any host to the machine without a password:
+ abc
The following .rhosts line means that anybody from thishost can log in to your account without a password:
thishost +
You can omit the username if it is the same on both hosts. However, both of these examples are very dangerous security holes. In the first example, anybody on the Internet with the user ID abc can log into your account. In the second example, any user on thishost can log in to your account. Therefore, these two examples are not recommended for real-life use.
The /etc/hosts.equiv file is used by the system administrator. Hosts that have the same set of user IDs are included in this file so that rlogin users can switch between hosts without ever specifying their passwords. However, if a host that uses a different set of user IDs is included in that file, a security problem arises: the wrong people may be able to access your account without a password.
CAUTION If you are a system administrator, please note that some UNIX vendors put a + in the /etc/hosts.equiv file by default. This must be removed immediately.
This section presents some sample rlogin sessions.
In this first example, I have a .rhosts file in my home directory on ponder.csci.unt.edu. The file contains my local host and login ID, as shown here:
metronet.com ooi
To rlogin from metronet.com from my account ooi to ponder.csci.unt.edu, I issue the following command:
%rlogin ponder.csci.unt.edu
Last login: Mon Jan 2 20:35:55 from feenix.metronet.
Welcome to
The University of North Texas
Department of Computer Science
Denton
T e x a s
-* Sequent Symmetry - S81 *-
#*****************************************#
# For assistance send mail to 'sysadm' #
# or #
# call 8175552642,3076 #
#*****************************************#
Type 'news' for local ponder news items.
To view these messages again type 'more /etc/motd'
*******************************************************************
My information shows that you are logged in on a vt100.
@Ponder>>
If I delete my .rhosts file and try the same rlogin sequence, here is what I get:
% rlogin ponder.csci.unt.edu
Password:
Because I no longer have a .rhosts file in my account on ponder.csci.unt.edu, I was prompted for a password. If I don't enter the correct password, it throws me back to the login prompt so that I must enter a login ID and password. If your login name on the remote host is different than the one on your local host, you can use the rlogin command with the -l option, provided that you have a .rhosts file or an entry in /etc/hosts.equiv on the remote host:
rlogin remote-host -l remote-login-id
Your terminal settings are usually propagated to the remote host when you use rlogin to connect to it. These settings include the terminal type, the number of rows, and the number of columns. In fact, if you resize your rlogin window in a GUI environment, the remote host automatically picks that up.
When you use Telnet and TN3270, the terminal settings are fixed by default. If you want to change the terminal settings, you must do it manually when you resize the window or make any other changes.
Can you use Ctrl+] with rlogin like you do in Telnet to escape out of a session? No! Instead, you use ~! to shell out from the remote host back to the local host. The tilde (~) is the escape character and the exclamation point (!) is used to shell out.
@Ponder>> ~!
%
To get back to the remote host from the shell, type exit:
% exit
exit
[Returning to remote]
@Ponder>>
If you ever get stuck on the remote host during a rlogin session, type ~. (tilde period) to exit from the rlogin session totally:
@Ponder>> ~.
Closed connection.
%
You can also suspend your rlogin process by typing ~ (tilde) and then pressing Ctrl+Z:
@Ponder>> ~^Z
Stopped.
%
This sequence brings you back to your local host. Simply type fg to return to the foreground rlogin session:
% fg
rlogin ponder.csci.unt.edu
@Ponder>>
To exit from the remote host, use your usual logout procedure.
Although this chapter focuses on the UNIX versions of the Telnet, TN3270, and rlogin programs (UNIX versions are the most common; many other versions are based on the UNIX source code), Telnet, TN3270, and rlogin programs exist for many other platforms. Some graphical versions that support color exist for GUI-based systems such as Windows and X.
Figure 23.1 shows a Telnet session from Novell's LAN Workplace under Windows. Figure 23.2 is an example of a TN3270 session from the same package. In both cases, notice the pull-down menus at the top. The TN3270 session also has some buttons at the top of the screen; click them to send special TN3270 keys such as PA1 and Clear to the remote host.
FIGURE 23.1. A sample Telnet session under Windows.
FIGURE 23.2. A sample TN3270 session under Windows.
The Telnet, TN3270, and rlogin programs will always remain important to people who own multiple computer accounts. However, we are seeing that there is an increasing trend to make information databases client-server based instead of having users use a remote login program to access the databases. This trend will continue as the Web continues its growth. Even library systems, which have traditionally been accessible with Telnet, are gradually switching to a client-server protocol known as Z39.50.
