rhosts man page on BSDi

Man page or keyword search:  
man Server   6284 pages
apropos Keyword Search (all sections)
Output format
BSDi logo
[printable version]

HOSTS.EQUIV(5)		    BSD Programmer's Manual		HOSTS.EQUIV(5)

NAME
     hosts.equiv, .rhosts - files listing trusted remote hosts and users

DESCRIPTION
     The /etc/hosts.equiv and .rhosts files list authorized hosts and users
     for the rsh(1),  rcp(1),  and rlogin(1) commands, and the rcmd(3) library
     routine.  These commands and functions use either the iruserok(3) or
     ruserok(3) functions to implement ``authentication''.

     The /etc/hosts.equiv and .rhosts files specify remote hosts and users
     that are trusted (i.e., which may bypass the standard password authenti-
     cation mechanism).

     Care should be taken when setting up these files to maintain system secu-
     rity.  Specifically:

     1.	  The /etc/hosts.equiv file should be owned by the super-user.
     2.	  The .rhosts files should be owned by each individual user.
     3.	  Both the /etc/hosts.equiv and the .rhosts files should be mode 600
	  (-rw-------), i.e. readable and writable by the owner only.
     4.	  No entries from untrusted machines should be included in either
	  file.

     The rest of this manual page will refer to the host from which the access
     request is coming as the ``remote host'', and the user name on the remote
     host as the ``remote user''. Similarly, the host responding to the access
     request is the ``local host'', and the user name on the local host for
     which access is requested is the ``local user''. Generally, the command
     interfaces which provide network access, (e.g., rlogin(1)),  automatical-
     ly use the local user's login name as the remote user name, unless anoth-
     er remote user name is explicitly specified.

     The format for entries in both the /etc/hosts.equiv and the .rhosts files
     is as follows:

	   hostname [username]

     If the remote user is NOT the super-user, the /etc/hosts.equiv file is
     checked before the .rhosts file is checked.

     An entry in the /etc/hosts.equiv file of the form

	   hostname

     indicates that remote users from the specified remote host may access the
     local host using the same login name as they use on the remote host.

     An entry in the /etc/hosts.equiv file of the form

	   hostname username

     indicates that the specified remote user from the specified remote host
     may access the local host as any user. For obvious reasons, the latter
     syntax is extremely dangerous, and should almost never be used.

     If the /etc/hosts.equiv lookup is not done or is unsuccessful, the
     .rhosts file in the local user's home directory is checked.  If the us-
     er's .rhosts file:

	   does not exist
	   is not a regular file
	   is not owned by the local user or the super-user
	   is writable by anyone other than the file owner

     ... access will not be granted.

     An entry in the .rhosts file of the form

	   hostname

     indicates that the remote user on the specified remote host with the same
     login name as the local user can access the local host.

     An entry in the .rhosts file of the form

	   hostname username

     indicates that the specified remote user on the specified remote host can
     access the local host as the local user (i.e., possibly using a different
     login name).

     Any line starting with a '#' is considered a comment and is ignored in
     both the hosts.equiv and .rhosts files.

     As noted above, the hosts.equiv file is not used to authenticate root ac-
     cess; only the .rhosts file in root's home directory is used for root.

     The hosts.equiv file, as well as the user's .rhosts file, is only con-
     sulted for traditional r-command ``authentication'' and is not used with
     Kerberos or other forms of authentication.

FILES
     /etc/hosts.equiv  The hosts.equiv file.
     $HOME/.rhosts     User specific access file.

SEE ALSO
     rcp(1),  rlogin(1),  rsh(1),  rcmd(3),  ruserok(3)

				January 3, 1994				     2
[top]

List of man pages available for BSDi

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net