| TELNETD(8) | System Manager's Manual | TELNETD(8) | 
telnetd —
| /usr/libexec/telnetd | [ -Uhlkns46] [-Ddebugmode] [-Stos] [-Xauthtype] [-aauthmode] [-edebug]
      [-ggettyent]
      [-ulen]
      [-debug[port]] | 
telnetd command is a server which supports the DARPA
  standard TELNET virtual terminal protocol. telnetd is
  normally invoked by the internet server (see
  inetd(8)) for requests to connect
  to the TELNET port as indicated by the /etc/services
  file (see services(5)). The
  -debug option may be used to start up
  telnetd manually, instead of through
  inetd(8). If started up this way,
  port may be specified to run
  telnetd on an alternate TCP port number.
The telnetd command accepts the following
    options:
-a
    authmodetelnetd has been compiled with support for the
      AUTHENTICATION option. There are several valid
      values for authmode:
    -a valid.-D
    debugmodetelnetd to print out debugging information to the
      connection, allowing the user to see what telnetd
      is doing. There are several possible values for
      debugmode:
    optionsreportoptions information, plus some
          additional information about what processing is going on.netdatatelnetd.ptydataexercise-debugtelnetd (see SO_DEBUG in
      socket(2)).-edebugtelnetd has been compiled with support for data
      encryption, then the -edebug option may be used to
      enable encryption debugging code.-g
    gettyentdefault.-h-ktelnetd has been
      compiled with both linemode and kludge linemode support. If the
      -k option is specified, then if the remote client
      does not support the LINEMODE option, then
      telnetd will operate in character at a time mode.
      It will still support kludge linemode, but will only go into kludge
      linemode if the remote client requests it. (This is done by by the client
      sending DONT SUPPRESS-GO-AHEAD and
      DONT ECHO.) The -k option
      is most useful when there are remote clients that do not support kludge
      linemode, but pass the heuristic (if they respond with
      WILL TIMING-MARK in response to a
      DO TIMING-MARK) for kludge linemode support.-lLINEMODE option is not supported, it will go
      into kludge linemode.-nTCP keep-alives. Normally
      telnetd enables the TCP keep-alive mechanism to
      probe connections that have been idle for some period of time to determine
      if the client is still there, so that idle connections from machines that
      have crashed or can no longer be reached may be cleaned up.-stelnetd is compiled
      with support for secure logins. It causes the -s
      option to be passed on to
      login(1), and thus is only
      useful if login(1) supports
      the -s flag to indicate that only Kerberos or
      S/Key validated logins are allowed, and is usually useful for controlling
      remote logins from outside of a firewall.-S
    tos-u
    lenutmp structure that holds the remote host name. If
      the resolved host name is longer than len, the
      dotted decimal value will be used instead. This allows hosts with very
      long host names that overflow this field to still be uniquely identified.
      Specifying -u0 indicates that only dotted decimal
      addresses should be put into the utmp file.-Utelnetd to refuse connections
      from addresses that cannot be mapped back into a symbolic name via the
      getnameinfo(3)
    routine.-X
    authtypetelnetd has been
      built with support for the authentication option. It disables the use of
      authtype authentication, and can be used to
      temporarily disable a specific authentication type without having to
      recompile telnetd.-4-6-debug
      mode. During normal operation (called from
      inetd(8))
      telnetd will use the file descriptor passed from
      inetd(8).telnetd operates by allocating a
    pseudo-terminal device (see
    pty(4)) for a client, then
    creating a login process which has the slave side of the pseudo-terminal as
    stdin, stdout and
    stderr. telnetd manipulates
    the master side of the pseudo-terminal, implementing the TELNET protocol and
    passing characters between the remote client and the login process.
When a TELNET session is started up,
    telnetd sends TELNET options to the client side
    indicating a willingness to do the following TELNET options, which are
    described in more detail below:
DO AUTHENTICATION WILL ENCRYPT DO TERMINAL TYPE DO TSPEED DO XDISPLOC DO NEW-ENVIRON DO ENVIRON WILL SUPPRESS GO AHEAD DO ECHO DO LINEMODE DO NAWS WILL STATUS DO LFLOW DO TIMING-MARK
The pseudo-terminal allocated to the client is configured to
    operate in “cooked” mode, and with XTABS
    and CRMOD enabled (see
    tty(4)).
telnetd has support for enabling locally
    the following TELNET options:
LINEMODE option is enabled, a
      WILL ECHO or WONT ECHO
      will be sent to the client to indicate the current state of terminal
      echoing. When terminal echo is not desired, a WILL
      ECHO is sent to indicate that telnetd will take care of echoing any
      data that needs to be echoed to the terminal, and then nothing is echoed.
      When terminal echo is desired, a WONT ECHO is sent
      to indicate that telnetd will not be doing any terminal echoing, so the
      client should do any terminal echoing that is needed.IAC GA, go
      ahead, commands.DO TIMING-MARK command is received, it
      is always responded to with a WILL
    TIMING-MARKDO LOGOUT is received, a
      WILL LOGOUT is sent in response, and the TELNET
      session is shut down.telnetd is compiled with support for
      data encryption, and indicates a willingness to decrypt the data
    stream.telnetd has support for enabling remotely
    the following TELNET options:
WILL ECHO. If a
      WILL ECHO is received, a DONT
      ECHO will be sent in response.IAC GA,
      the go ahead command.telnetd is compiled with support for
      linemode, and requests that the client do line by line processing.telnetd is compiled with support for
      both linemode and kludge linemode, and the client responded with
      WONT LINEMODE. If the client responds with
      WILL TM, the it is assumed that the client
      supports kludge linemode. Note that the [-k]
      option can be used to disable this.telnetd is compiled with support for
      authentication, and indicates a willingness to receive authentication
      information for automatic login.telnetd is compiled with support for
      data encryption, and indicates a willingness to decrypt the data
    stream.At the end of a login session, telnetd
    invokes the ttyaction(3)
    facility with an action of "telnetd" and user "root" to
    execute site-specific commands.
Because of bugs in the original 4.2BSD
    telnet(1),
    telnetd performs some dubious protocol exchanges to
    try to discover if the remote client is, in fact, a
    4.2BSD
    telnet(1).
Binary mode has no common interpretation except between similar operating systems (UNIX in this case).
The terminal type name received from the remote client is converted to lower case.
telnetd never sends TELNET
    IAC GA (go ahead) commands.
| December 16, 2018 | NetBSD 9.0 |