|Internet||IP ( IPv4 , IPv6 )|
The remote login , and Rlogin allows a computer - user , to a remote computer over a network (such as Internet or Intranet to register) to use them without having to be at the location of the device.
The authentication takes place via a user ID and a password , via the remote host and the source port (host-based authentication, configurable via a global or local rhosts file) or via Kerberos . The source port in the host-based authentication must be in the privileged port range (1–1023).
Rlogin is problematic because of its poor security. When using password-based authentication, both user name and password as well as the entire session content are transmitted unencrypted and can - depending on the network used - be recorded from other computers. Even with host-based authentication, the entire session content is transmitted unencrypted. In addition, every compromise of a network computer that the rhost file classifies as trustworthy leads to the bypassing of the authentication, since the attacker then establishes a connection from a privileged port with any user name (and not only with his locally authenticated user) can. When using Kerberos , the authentication is carried out securely and, depending on the configuration, the session content is transmitted in encrypted form.