hosts.equiv(5yp)
NAME
hosts.equiv − list of trusted hosts
DESCRIPTION
The hosts.equiv file resides in the /etc directory and contains a list of trusted hosts. When an rlogin() or rsh() request from a host listed in the hosts.equiv file is made, and the initiator of the request has an entry in /etc/passwd, further validity checking is unrequired. Thus, rlogin does not prompt for a password, and rsh completes successfully. When a remote user is in the local hosts.equiv file, that user is defined as equivalenced to a local user with the same user ID.
The format of hosts.equiv is a list of names, as in:
host1
host2
+@group1
-@group2
A line consisting of a host name means that anyone logging in from that host is trusted. A line consisting of +@group means that all hosts in that network group are trusted. A line consisting of −@group means that hosts in that group are not trusted. Programs scan the hosts.equiv file sequentially and stop when they encounter the appropriate entry (either positive for host name and +@ entries, or negative for −@ entries). A line consisting of a single + means that everyone is trusted.
The hosts.equiv file has the same format as .rhosts file. When a user executes rlogin or rsh, the .rhosts file from that user’s home directory is concatenated onto the hosts.equiv file for permission checking. If a user is excluded by a minus entry from hosts.equiv but included in .rhosts, that user is considered trusted. In the special case when the user is root, only the .rhosts file is checked.
It is possible to have two entries, separated by a single space on one line. If the remote host is equivalenced by the first entry, the user named by the second entry is allowed to specify any name to the −l flag (provided that name is in the /etc/passwd file). For example:
suez john
This entry allows John to log in from suez. The normal use would be to put this entry in the .rhosts file in the home directory for bill. Then John can log in as bill when coming from suez without having to supply a password. The second entry can be a netgroup. For example:
+@group1 +@group2
This entry allows any user in group2 coming from a host in group1 to log in as anyone.
FILES
/etc/hosts.equiv
/etc/yp/domain/netgroup
/etc/yp/domain/netgroup.byuser
/etc/yp/domain/netgroup.byhost