- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: .rhosts file
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 08:38 PM
тАО07-28-2009 08:38 PM
I am having a file .rhosts in / filesystem.
# pg /.rhosts
xxxx.xxxx.xxxx.com root
zzzz.zzzz.zzzz.com root # TSM
#
Hope this file will have the entries of some server in a network,
1. why the root was mentioned here ?
2. Whether some one can able to login in as root without passwd ?
Request you to provide me the solution, thanks in advance.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 09:08 PM
тАО07-28-2009 09:08 PM
Re: .rhosts file
read the manual on what the format of the .rhosts file is:
http://docs.hp.com/en/B9106-90011/hosts.equiv.4.html?jumpid=reg_R1002_USEN
>2. Whether some one can able to login in as root without passwd ?
yes that is what it is used for. But, i guess the the services could be configured to not use the .rhosts file (depending on the version of the OS) or the services could be disabled. If the services are disabled usually a .rhosts file isn't allowed to exist either
http://forums13.itrc.hp.com/service/forums/questionanswer.do?threadId=1359493
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 09:09 PM
тАО07-28-2009 09:09 PM
Re: .rhosts file
This means root from any server which belongs to domains xxxx.xxxx.xxxx.com and zzzz.zzzz.zzzz.com can remotely login using rlogin command
Sagar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 09:13 PM
тАО07-28-2009 09:13 PM
Re: .rhosts file
.rhosts is used for user level authentication for "r" commands like rlogin, remsh.
Your entries allows root user only from the hosts xxxx.xxxx.xxxx.com and zzzz.zzzz.zzzz.com to login without password for rlogin and remsh commands.
Ganesh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 09:41 PM
тАО07-28-2009 09:41 PM
Re: .rhosts file
That means zzzz.zzzz.zzzz.com server should login as root. After that they can put rlogin command to login to a specific server am i right.
( My concern is whether root privilage will go without passwd for that user in ZZZZ.ZZZZ.ZZZZ.com )
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 10:14 PM
тАО07-28-2009 10:14 PM
Solution>>>That means zzzz.zzzz.zzzz.com server should login as root. After that they can put rlogin command to login to a specific server am i right.<<<
I am not sure how you understood the above sentence. Let me explain.
You logged in as a root user on zzzz.zzzz.zzzz.com. Now when you connect to other server which is having .rhosts file using this command,
#rlogin
it will not ask for root password. It will allow you to login as a root user. Now you have all the root privilages on the remote server.
Hope this clear your doubts.
Ganesh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 10:39 PM
тАО07-28-2009 10:39 PM
Re: .rhosts file
Thanks for your valuable information, now i understood this scenario.
How can we restrict this permission, without modifying this file contents. hope it will have some services running in server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 10:46 PM
тАО07-28-2009 10:46 PM
Re: .rhosts file
I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-28-2009 10:56 PM
тАО07-28-2009 10:56 PM
Re: .rhosts file
I don't see how. If you don't want it to be root, you change that file.
You could of course add code to .profile and try to check but why bother? You want to rcp but not rlogin/remsh? But remsh doesn't use .profile.
>I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter.
What's in .rhosts is the SOURCE machine to allow, not the target.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-29-2009 01:05 AM
тАО07-29-2009 01:05 AM
Re: .rhosts file
>>>How can we restrict this permission, without modifying this file contents. hope it will have some services running in server.<<<
If you believe that some services will use this .rhosts file for login to the server then do not modify it.
>>I also tried # rlogin ZZZZ.ZZZZ.ZZZZ.com -l root This command is asking root passwd to enter<<
As Dennis said, You should try the other way. From ZZZZ.ZZZZ.ZZZZ.com server, try to rlogin to the server which is having .rhosts file. It should allow the connection from ZZZZ.ZZZZ.ZZZZ.com without password.
Ganesh.