man krb5-rcp (Commandes) - remote file copy

NAME

rcp - remote file copy

SYNOPSIS

rcp [-p] [-x] [-k realm ] [-c ccachefile] [-C configfile] [-D port] [-N] [-PN | -PO] file1 file2 rcp [-p] [-x] [-k realm] [-r] [-D port] [-N] [-PN | -PO] file ... directory rcp [-f | -t] ...

DESCRIPTION

Rcp copies files between machines. Each file or directory argument is either a remote file name of the form ``rhost:path'', or a local file name (containing no `:' characters, or a `/' before any `:'s).

By default, the mode and owner of file2 are preserved if it already existed; otherwise the mode of the source file modified by the umask(2) on the destination host is used.

If path is not a full path name, it is interpreted relative to your login directory on rhost. A path on a remote host may be quoted (using \, ", or ) so that the metacharacters are interpreted remotely.

Rcp does not prompt for passwords; it uses Kerberos authentication when connecting to rhost. Each user may have a private authorization list in a file .k5login in his login directory. Each line in this file should contain a Kerberos principal name of the form principal/instance@realm. If there is a ~/.k5login file, then access is granted to the account if and only if the originater user is authenticated to one of the principals named in the ~/.k5login file. Otherwise, the originating user will be granted access to the account if and only if the authenticated principal name of the user can be mapped to the local account name using the aname -> lname mapping rules (see krb5_anadd(8) for more details).

OPTIONS

-p
attempt to preserve (duplicate) the modification times and modes of the source files in the copies, ignoring the umask.
-x
encrypt all information transferring between hosts.
-k realm
obtain tickets for the remote host in realm instead of the remote host's realm as determined by krb_realmofhost(3).
-c ccachefile
change the default credentials cache file to ccachefile
-C configfile
change the default configuation file to configfile
-r
if any of the source files are directories, copy each subtree rooted at that name; in this case the destination must be a directory.
-PN
-PO
Explicitly request new or old version of the Kerberos ``rcmd'' protocol. The new protocol avoids many security problems found in the old one, but is not interoperable with older servers. (An "input/output error" and a closed connection is the most likely result of attempting this combination.) If neither option is specified, some simple heuristics are used to guess which to try.
-D port
connect to port port on the remote machine.
-N
use a network connection, even when copying files on the local machine (used for testing purposes).
-f -t
These options are for internal use only. They tell the remotely-running rcp process (started via the Kerberos remote shell daemon) which direction files are being sent. These options should not be used by the user. In particular, -f does not mean that the user's Kerberos ticket should be forwarded!

Rcp handles third party copies, where neither source nor target files are on the current machine. Hostnames may also take the form ``rname@rhost'' to use rname rather than the current user name on the remote host.

FILES

~/.k5login
(on remote host) - file containing Kerberos principals that are allowed access.

SEE ALSO

cp(1), ftp(1), rsh(1), rlogin(1), kerberos(3), krb_getrealm(3), kshd(8), rcp(1) [UCB version]

BUGS

Rcp doesn't detect all cases where the target of a copy might be a file in cases where only a directory should be legal.

Rcp is confused by any output generated by commands in a .login, .profile, or .cshrc file on the remote host.

Kerberos is only used for the first connection of a third-party copy; the second connection uses the standard Berkeley rcp protocol.