rhosts, .rhosts, shosts, .shosts - Specifies remote users
who can use a local user account
$HOME/.rhosts
$HOME/.shosts
The file contains a list of remote users who are not
required to supply a login password when they use the
local user account and execute the rcp, rlogin, and rsh
commands.
The file contains a list of remote users who are not
required to supply a login password when they use the
local user account and execute the scp2, sftp2, and ssh2
Secure Shell commands or the rcp, rlogin, and rsh commands
when they are configured to use a Secure Shell connection.
See Security Administration for more information about
configuring these commands to use a Secure Shell connection.
The file is read by the rlogind, rshd, and Secure Shell
sshd daemons. The file is read only the the Secure Shell
sshd daemon. If both files exist, the Secure Shell daemon
reads the file first, then the file. If either of these
files allows access for a particular connection, a Secure
Shell connection is used, even if the other file forbids
it.
The file and file are a hidden files in a user's home
directory. These files must be owned by the user or the
root user and must not be writable by group or world, otherwise,
it is not used. Although it is not required, it
is recommended to set the permissions of these files to
600, so the file is not readable by group or world.
Each entry in the file and file is of the following form:
host [user]
where: The fully qualified domain name of the remote host.
The login name of the remote user. This field is optional.
If a user name is not specified, any user on the specified
remote host is exempt from providing a password, and is
assumed to have the same username on both the local and
remote hosts.
Optionally, in the and file you can specify a NIS netgroup
name for the host name, user name, or both.
Entries in the and file are either positive or negative.
Positive entries allow access; negative entries deny
access. The following entries are positive:
hostname username +@netgroup
The following entries are negative:
-hostname -username -@netgroup
In addition, in the file you can use the plus sign (+) in
place of the host name or user name. In place of the host
name, it means any remote host. In place of the user name,
it means any user. The use of the plus sign in this way
is not supported in the file or in the file if you configured
the rcp, rlogin, and rsh commands to use a Secure
Shell connection. See Security Administration for more
information about configuring these commands to use a
Secure Shell connection.
The following entries in the /u/chen/.rhosts file on host
zeus allow users moshe and pierre at remote host
venus.ne.corp.com and user robert at the hosts specified
in the NIS netgroup chicago to log in to user chen's home
directory on host zeus:
venus.ne.corp.com moshe venus.ne.corp.com pierre +@chicago
robert
The following entry in the /u/peter/.shosts file on host
zeus allow the user evan at remote host saturn.ne.corp.com
to log in to user peter's home directory on host zeus:
saturn.ne.corp.com evan
Specifies remote users who can use a local user account.
Specifies remote users who can use a local user account.
Commands: rcp(1), rlogin(1), rsh(1), scp2(1), sftp2(1),
ssh2(1)
Functions: ruserok(3), rcmd(3)
Files: hosts.equiv(4), netgroup(4)
Guides: Security Administration
rhosts(4)
[ Back ] |
