CPU(1)                                                     CPU(1)

     NAME
          cpu - connection to CPU server

     SYNOPSIS
          cpu [ -p ] [ -h server ] [ -u user ] [ -a auth-method ] [ -P
          patternfile ] [ -e encryption-hash-algs ] [ -k keypattern ]
          [ -c cmd args ... ]

          cpu [ -n ] [ -A address ] [ -R ]

     DESCRIPTION
          This tool is deprecated and has been replaced by rcpu(1).

          Cpu starts an rc(1) running on the server machine, or the
          machine named in the $cpu environment variable if there is
          no -h option.  Rc's standard input, output, and error files
          will be /dev/cons in the name space where the cpu command
          was invoked.  Normally, cpu is run in an rio(1) window on a
          terminal, so rc output goes to that window, and input comes
          from the keyboard when that window is current.  Rc's current
          directory is the working directory of the cpu command
          itself.

          The name space for the new rc is an analogue of the name
          space where the cpu command was invoked: it is the same
          except for architecture-dependent bindings such as /bin and
          the use of fast paths to file servers, if available.

          If a -u argument is present, cpu uses the argument as the
          remote user id.

          If a -c argument is present, the remainder of the command
          line is executed by rc on the server, and then cpu exits.

          If a -P argument is present, the patternfile is passed to
          exportfs(4) to control how much of the local name space will
          be exported to the remote system.

          The -a command allows the user to specify the authentication
          mechanism used when connecting to the remote system.  The
          two possibilities for auth-method are:

          p9      This is the default.  Authentication is done using
                  the standard Plan 9 mechanisms, (see authsrv(6)). No
                  user interaction is required.
          netkey  Authentication is done using challenge/response and
                  a hand held authenticator or the netkey program (see
                  passwd(1)). The user must encrypt the challenge and
                  type the encryption back to cpu. This is used if the
                  local host is in a different protection domain than

     Page 1                       Plan 9             (printed 12/3/24)

     CPU(1)                                                     CPU(1)

                  the server or if the user wants to log into the
                  server as a different user.
          none    This skips authentication. This requires the -n flag
                  to be specified on the remote side.

          The -e option specifies an encryption and/or hash algorithm
          to use for the connection.  If both are specified, they must
          be space separated and comprise a single argument, so they
          must be quoted if in a shell command.  The default is
          `rc4_256' encryption and `sha1' hashing.  See ssl(3) for
          details on possible algorithms.  The argument `clear' speci-
          fies no encryption algorithm and can be used to talk to
          older versions of the cpu service.

          The -k flag specifies a key pattern to use to restrict the
          keys selected by the auth_proxy call used for authentica-
          tion.

          The name space is built by running /usr/$user/lib/profile
          with the root of the invoking name space bound to /mnt/term.
          The service environment variable is set to cpu; the cputype
          and objtype environment variables reflect the server's
          architecture.

          The -R flag causes cpu to run the server (remote) side of
          the protocol.  It is run from service files such as
          /bin/service/tcp17010.  The -n option allows using the none
          authentication method for incoming connections and must be
          specified before the -R flag.

          The -p flag pushes the aan(8) filter onto the connection to
          protect against temporary network outages.

          The -A flag sets the announce-string address to use for
          aan(8) connections, if requested by the initial protocol.

     FILES
          The name space of the terminal side of the cpu command is
          mounted, via exportfs(4), on the CPU side on directory
          /mnt/term.  The files such as /dev/cons are bound to their
          standard locations from there.

     SOURCE
          /sys/src/cmd/cpu.c

     SEE ALSO
          rcpu(1), rc(1), rio(1), exportfs(4), aan(8)

     BUGS
          Binds and mounts done after the terminal lib/profile is run
          are not reflected in the new name space.

     Page 2                       Plan 9             (printed 12/3/24)

     CPU(1)                                                     CPU(1)

          By default, the entire namespace of the local system is
          exported to the remote system. Use of the -P option in con-
          junction with a customized patternfile can limit this expo-
          sure, but also limits the usefulness of /mnt/term.

     Page 3                       Plan 9             (printed 12/3/24)