 |
Index for
Section 4 |
|
 |
Alphabetical
listing for R |
|
 |
Bottom of
page |
|
rhosts(4)
NAME
rhosts, .rhosts, shosts, .shosts - Specifies remote users who can use a
local user account
SYNOPSIS
$HOME/.rhosts
$HOME/.shosts
DESCRIPTION
The .rhosts file contains a list of remote users who are not required to
supply a login password when they use the local user account and execute
the rcp, rlogin, and rsh commands.
The .shosts file contains a list of remote users who are not required to
supply a login password when they use the local user account and execute
the scp2, sftp2, and ssh2 Secure Shell commands or the rcp, rlogin, and rsh
commands when they are configured to use a Secure Shell connection. See
Security Administration for more information about configuring these
commands to use a Secure Shell connection.
The .rhosts file is read by the rlogind, rshd, and Secure Shell sshd
daemons. The .shosts file is read only the the Secure Shell sshd daemon.
If both files exist, the Secure Shell daemon reads the .rhosts file first,
then the .shosts file. If either of these files allows access for a
particular connection, a Secure Shell connection is used, even if the other
file forbids it.
The .rhosts file and .shosts file are a hidden files in a user's home
directory. These files must be owned by the user or the root user and must
not be writable by group or world, otherwise, it is not used. Although it
is not required, it is recommended to set the permissions of these files to
600, so the file is not readable by group or world.
Each entry in the .rhosts file and .shosts file is of the following form:
host [user]
where:
host
The fully qualified domain name of the remote host.
user
The login name of the remote user. This field is optional. If a user
name is not specified, any user on the specified remote host is exempt
from providing a password, and is assumed to have the same username on
both the local and remote hosts.
Optionally, in the .rhosts and .shosts file you can specify a NIS netgroup
name for the host name, user name, or both.
Entries in the .rhosts and .shosts file are either positive or negative.
Positive entries allow access; negative entries deny access. The following
entries are positive:
hostname
username
+@netgroup
The following entries are negative:
-hostname
-username
-@netgroup
In addition, in the .rhosts file you can use the plus sign (+) in place of
the host name or user name. In place of the host name, it means any remote
host. In place of the user name, it means any user. The use of the plus
sign in this way is not supported in the .shosts file or in the .rhosts
file if you configured the rcp, rlogin, and rsh commands to use a Secure
Shell connection. See Security Administration for more information about
configuring these commands to use a Secure Shell connection.
EXAMPLES
The following entries in the /u/chen/.rhosts file on host zeus allow users
moshe and pierre at remote host venus.ne.corp.com and user robert at the
hosts specified in the NIS netgroup chicago to log in to user chen's home
directory on host zeus:
venus.ne.corp.com moshe
venus.ne.corp.com pierre
+@chicago robert
The following entry in the /u/peter/.shosts file on host zeus allow the
user evan at remote host saturn.ne.corp.com to log in to user peter's home
directory on host zeus:
saturn.ne.corp.com evan
FILES
$HOME/.rhosts
Specifies remote users who can use a local user account.
$HOME/.shosts
Specifies remote users who can use a local user account.
SEE ALSO
Commands: rcp(1), rlogin(1), rsh(1), scp2(1), sftp2(1), ssh2(1)
Functions: ruserok(3), rcmd(3)
Files: hosts.equiv(4), netgroup(4)
Guides: Security Administration
|
Index for
Section 4 |
|
|
Alphabetical
listing for R |
|
 |
Top of
page |
|