topic Re: .rhosts file in Operating System - HP-UX

.rhosts file

oprakash — Wed, 29 Jul 2009 03:38:27 GMT

Hi,

I am having a file .rhosts in / filesystem.

# pg /.rhosts
xxxx.xxxx.xxxx.com root
zzzz.zzzz.zzzz.com root # TSM
#

Hope this file will have the entries of some server in a network,
1. why the root was mentioned here ?
2. Whether some one can able to login in as root without passwd ?

Request you to provide me the solution, thanks in advance.

Re: .rhosts file

Curtis Larson_2 — Wed, 29 Jul 2009 04:08:36 GMT

>1. why the root was mentioned here ?
read the manual on what the format of the .rhosts file is:
http://docs.hp.com/en/B9106-90011/hosts.equiv.4.html?jumpid=reg_R1002_USEN

>2. Whether some one can able to login in as root without passwd ?
yes that is what it is used for. But, i guess the the services could be configured to not use the .rhosts file (depending on the version of the OS) or the services could be disabled. If the services are disabled usually a .rhosts file isn't allowed to exist either

http://forums13.itrc.hp.com/service/forums/questionanswer.do?threadId=1359493

Re: .rhosts file

Sagar Sirdesai — Wed, 29 Jul 2009 04:09:39 GMT

Hi
This means root from any server which belongs to domains xxxx.xxxx.xxxx.com and zzzz.zzzz.zzzz.com can remotely login using rlogin command

Sagar

Re: .rhosts file

Ganesan R — Wed, 29 Jul 2009 04:13:38 GMT

Hi Oprakash,

.rhosts is used for user level authentication for "r" commands like rlogin, remsh.

Your entries allows root user only from the hosts xxxx.xxxx.xxxx.com and zzzz.zzzz.zzzz.com to login without password for rlogin and remsh commands.

Re: .rhosts file

oprakash — Wed, 29 Jul 2009 04:41:37 GMT

Hi Ganesan,

That means zzzz.zzzz.zzzz.com server should login as root. After that they can put rlogin command to login to a specific server am i right.

( My concern is whether root privilage will go without passwd for that user in ZZZZ.ZZZZ.ZZZZ.com )

Re: .rhosts file

Ganesan R — Wed, 29 Jul 2009 05:14:34 GMT

Hi Oprakash,

>>>That means zzzz.zzzz.zzzz.com server should login as root. After that they can put rlogin command to login to a specific server am i right.<<<

I am not sure how you understood the above sentence. Let me explain.

You logged in as a root user on zzzz.zzzz.zzzz.com. Now when you connect to other server which is having .rhosts file using this command,
#rlogin

it will not ask for root password. It will allow you to login as a root user. Now you have all the root privilages on the remote server.

Hope this clear your doubts.

Re: .rhosts file

oprakash — Wed, 29 Jul 2009 05:39:49 GMT

Dear Ganesan,

Thanks for your valuable information, now i understood this scenario.

How can we restrict this permission, without modifying this file contents. hope it will have some services running in server.

Re: .rhosts file

oprakash — Wed, 29 Jul 2009 05:46:12 GMT

Hi,

I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter.

Re: .rhosts file

Dennis Handly — Wed, 29 Jul 2009 05:56:53 GMT

>How can we restrict this permission, without modifying this file contents?

I don't see how. If you don't want it to be root, you change that file.
You could of course add code to .profile and try to check but why bother? You want to rcp but not rlogin/remsh? But remsh doesn't use .profile.

>I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter.

What's in .rhosts is the SOURCE machine to allow, not the target.

Re: .rhosts file

Ganesan R — Wed, 29 Jul 2009 08:05:51 GMT

Hi Oprakash,

>>>How can we restrict this permission, without modifying this file contents. hope it will have some services running in server.<<<

If you believe that some services will use this .rhosts file for login to the server then do not modify it.

>>I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter<<

As Dennis said, You should try the other way. From ZZZZ.ZZZZ.ZZZZ.com server, try to rlogin to the server which is having .rhosts file. It should allow the connection from ZZZZ.ZZZZ.ZZZZ.com without password.