hosts.equiv(4) — UnixWare 2.01

       hosts.equiv(4)                                        hosts.equiv(4)


       NAME
             hosts.equiv - trusted hosts by system

       SYNOPSIS
             /etc/hosts.equiv

       DESCRIPTION
             The /etc/hosts.equiv file contains a list of trusted hosts.
             When an rlogin(1) or rsh(1) request is received from a host
             listed in this file, and when the user making the request is
             listed in the /etc/passwd file, then the remote login is
             allowed with no further checking.  The library routine ruserok
             will make this verification.  In this case, rlogin does not
             prompt for a password, and commands submitted through rsh are
             executed.  Thus, a remote user with a local user ID is said to
             have ``equivalent'' access from a remote host named in this
             file.

       USAGE
             The format of the hosts.equiv file consists of a one-line
             entry for each host, of the form:

                         hostname [ username ]

             The hostname field normally contains the name of a trusted
             host from which a remote login can be made, and username
             represents a single user from that host.  However, an entry
             consisting of a single `+' indicates that all known hosts are
             to be trusted for all users.  A host name must be the
             ``official'' name as listed in the hosts(4) database.  This is
             the first name given in the hosts database entry; hostname
             aliases are not recognized.

             A network group [see netgroup(4)] can be specified in either
             the hostname or username fields to match multiple hosts or
             users in one entry.  The form:

                         +@netgroup

             allows access from all hosts in the network group netgroup.
             When used in the username field, network groups allow a group
             of remote users to access the system as a particular local
             user.  The form:

                         hostname +@netgroup



            allows all of the users in the network group netgroup from the
            host hostname to access the system as the local user.  The
            form:

                        +@netgroup1 +@netgroup2

            allows the users in network group netgroup2 from the hosts in
            network group netgroup1 to access the system as the local
            user.

         .rhosts File
            Whenever a remote login is not allowed by hosts.equiv, the
            remote login daemon checks for a .rhosts file in the home
            directory of the local login.  The .rhosts file controls
            access only to the specific login where it resides.

            The .rhosts file has the same format as the hosts.equiv file,
            but the username entry has a different meaning.  In the
            hosts.equiv file, a username entry restricts remote access to
            the specified remote user.  In the .rhosts file, a username
            entry changes the identity of the user attempting to log in.  The
            remote user specified by username can access the host as the
            local login and inherit the local login's permissions.

         Warnings
            When a system is listed in /etc/hosts.equiv, its security must
            be as good as local security.  One insecure system mentioned
            in /etc/hosts.equiv can compromise the security of an entire
            network.
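
An added example, not part of the original manual page or of UnixWare: a Python audit that classifies each hosts.equiv entry by the forms described under USAGE and checks hostnames against a hosts(4)-style database for the official-name rule. The severity labels, sample hosts, user name and netgroup names are assumptions made for illustration.

```python
# Added example; severity labels are its own assumption, not part of hosts.equiv(4).

def official_names(hosts_text):
    """Map each name in a hosts(4)-style database to its official (first) name."""
    names = {}
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:  # fields[0] is the address
            names.setdefault(name, fields[1])
    return names

def audit_line(line, names):
    """Return (severity, finding) for one entry, or None for a blank line."""
    fields = line.split()
    if not fields:
        return None
    if len(fields) > 2:
        return ("error", "malformed: expected 'hostname [ username ]'")
    host, user = fields[0], (fields[1] if len(fields) == 2 else None)
    if host == "+":
        if user is None:
            return ("critical", "all known hosts are trusted for all users")
        return ("critical", "'+' with a username is not a documented form")
    if host.startswith("+@"):
        scope = "hosts in netgroup " + host[2:]
    elif host not in names:
        return ("error", host + " is not in the supplied hosts database")
    elif names[host] != host:
        return ("error", host + " is an alias; aliases are not recognized")
    else:
        scope = "host " + host
    if user is None:
        return ("high", scope + ": any remote user with a local user ID")
    if user.startswith("+@"):
        return ("medium", scope + ": users in netgroup " + user[2:])
    return ("low", scope + ": only remote user " + user)

def audit(equiv_text, hosts_text):
    """Return [(line_number, severity, finding)] for every non-blank entry."""
    names = official_names(hosts_text)
    return [(n,) + f for n, line in enumerate(equiv_text.splitlines(), 1)
            if (f := audit_line(line, names))]

# Constructed sample data: documentation addresses, hypothetical names.
SAMPLE_HOSTS = "192.0.2.10 alpha.example.com alpha\n192.0.2.11 beta.example.com beta\n"
SAMPLE_EQUIV = "alpha.example.com\nbeta\nbeta.example.com carol\n+@labhosts +@admins\n+\n"
if __name__ == "__main__":
    for number, severity, finding in audit(SAMPLE_EQUIV, SAMPLE_HOSTS):
        print(f"line {number}: [{severity}] {finding}")
```

On the sample data the bare `+` line is reported as critical, and the `beta` line as an error because it names an alias rather than the official host name.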

      REFERENCES
            hosts(4), netgroup(4), passwd(4), rlogin(1), rhosts(4), rsh(1)

                          Copyright 1994 Novell, Inc.