1HOSTS.EQUIV(5)             Linux Programmer's Manual            HOSTS.EQUIV(5)
2
3
4

NAME

6       /etc/hosts.equiv - list of hosts and users that are granted "trusted" r
7       command access to your system
8

DESCRIPTION

10       The hosts.equiv file allows or denies hosts and users to use the r-com‐
11       mands (e.g. rlogin, rsh or rcp) without supplying a password.
12
13       The file uses the following format:
14
15       [ + | - ] [hostname] [username]
16
17       The hostname is the name of a host which is logically equivalent to the
18       local host. Users logged into that host are  allowed  to  access  like-
19       named  user  accounts  on  the local host without supplying a password.
20       The hostname may be (optionally) preceded by a plus (+) sign.   If  the
21       plus  sign is used alone it allows any host to access your system.  You
22       can explicitly deny access to a host by preceding  the  hostname  by  a
23       minus  (-)  sign.  Users  from that host must always supply a password.
24       For security reasons you should always use the FQDN of the hostname and
25       not the short hostname.
26
27       The  username  entry grants a specific user access to all user accounts
28       (except root) without supplying a password. That means the user is  NOT
29       restricted  to  like-named  accounts.  The username may be (optionally)
30       preceded by a plus (+) sign. You can also explicitly deny access  to  a
31       specific  user  by  preceding  the username with a minus (-) sign. This
32       says that the user is not trusted no matter what other entries for that
33       host exist.
34
35       Netgroups can be specified by preceding the netgroup by an @ sign.
36
37       Be extremely careful when using the plus (+) sign. A simple typographi‐
38       cal error could result in a standalone plus  sign.  A  standalone  plus
39       sign is a wildcard character that means "any host"!
40

FILES

42       /etc/hosts.equiv
43

NOTES

45       Some  systems  will  only  honor  the contents of this file when it has
46       owner root and no write permission for anybody else. Some exceptionally
47       paranoid  systems even require that there be no other hard links to the
48       file.
49
50       Modern systems use the Pluggable Authentication Modules library  (PAM).
51       With PAM a standalone plus sign is only considered a wildcard character
52       which means "any host" when the word promiscuous is added to  the  auth
53       component  line  in  your  PAM  file  for  the particular service (e.g.
54       rlogin).
55

SEE ALSO

57       rhosts(5), rlogind(8), rshd(8)
58
59
60
61Linux                             2003-08-24                    HOSTS.EQUIV(5)
Impressum