Use of /etc./hosts.equiv on root user ?

Hi Anyone knows ..Whats is the use of /etc/hosts.equv - file  on root user ? If you know please reply or command to this post.

Post a Comment

2 Comments

  1. DESCRIPTION

    The hosts.equiv and .rhosts files list hosts and users that are trusted by the local host when a connection is made using the rshd service.

    The hosts.equiv file resides in the ROOTDIR/etc directory and lists the remote machines that may connect to the local machine and the local user names those machines may connect as. The .rhosts file resides in a user's home directory and specifies the remote machines and remote user names that the user may use to remotely log in to the local machine.

    Each line of these files has the format:

    hostname [username]

    hostname may be given as a host name (typically, a fully qualified host name in a DNS environment), an address, or a + character indicating that all hosts are to be trusted.

    username, if specified, may be given as either a user name on the remote host or a + character indicating all users on hostname.

    When the optional username is specified, only users with entries on the specified host may log in to the local machine. When username is not specified, any user that has the same user name on both the remote and local machines may log in to the local machine.

    Note:

    Because the rsh and rcp utilities resend the current without the domain if it is too long and the rlogin utility does not, a user may require two entries in the hosts.equiv or .rhosts file. If the full name (including domain) is too long for the rshd service (or daemon) being used, the user needs one entry with the full user name (including domain) for use with rlogind and a second with the the same user name minus the domain for use with rshd.

    EXAMPLES

    Here are some examples of hosts.equiv entries for the local host machine named colossus:

    + +

    Allows any user from any host to connect to colossus.
    tiny +
    big +

    Allows any user from the remote hosts tiny or big to connect to colossus.
    + forbin

    Allows the user forbin to connect to colossus from any remote host.

    Here are some examples of .rhosts entries. In these examples, the .rhosts file is in the home directory of the user forbin on colossus.

    + +

    Allows any user from any host to connect to this host (colossus) as the user forbin.
    + forbin

    Allows the user forbin to connect to colossus from any remote host as the user forbin.
    +

    Also allows the user forbin to connect to colossus from any remote host as the user forbin.
    tiny mortice

    Allows the user mortice from the remote host tiny to connect to colossus as the user forbin.

    Here is an example of how the hosts.equiv and the .rhosts file combine. Consider a hosts.equiv file with the following entry:

    + forbin

    and a .rhosts in the home directory of the user forbin with the following entry:

    tiny +

    The hosts.equiv entry allows the user forbin to connect to colossus as forbin from any remote host, while the .rhosts entry allows any user from the remote host tiny to connect to colossus as forbin. When both files have entries that apply, the most restrictive combination of the entries applies. In this case, these entries combine to mean that only the user forbin from the remote host tiny can connect to colossus as forbin.

    An entry of

    + +

    presents two severe security hazards. First, it allows any user on any machine to connect to the local host as the same user name. Second, if it is specified in the ROOTDIR/etc/hosts.equiv file, it allows any user on any machine to connect to the local host as any user.

    ReplyDelete
  2. > "Anyone knows ..Whats is the use of /etc/hosts.equv - file on root user ?"

    None. The file /etc/hosts.equiv is only checked for regular users, it's completely ignored for the superuser (root). You may (have to) use /root/.rhosts instead.

    ReplyDelete