HPE Community
Operating System - HP-UX
1829403 Members
1020 Online
109991 Solutions
New Discussion

.netrc file

 
Vishwa
Occasional Advisor

‎02-04-2002 01:39 PM

‎02-04-2002 01:39 PM

.netrc file


As you all know .netrc enables autologin for the ftp command. I would like to know the HP Policy about having a .netrc on the local intranet HP-UX machines.



It will be of great help if anyone can lead me to the HP Policy site about the unix machines. For example having .rhosts or .netrc etc.


When going gets tough, upgrade. © Murphy.
0 Kudos
Reply
3 REPLIES 3
Christopher McCray_1
Honored Contributor

‎02-04-2002 01:46 PM

‎02-04-2002 01:46 PM

Re: .netrc file

Just as a quick starter, HP does state it's concerns about .netrc files at the bottom of the man page of .netrc

More to come...
Chris
It wasn't me!!!!
0 Kudos
Reply
Mark Greene_1
Honored Contributor

‎02-04-2002 02:06 PM

‎02-04-2002 02:06 PM

Re: .netrc file

try here:

http://docs.hp.com/cgi-bin/fsearch/framedisplay?top=/hpux/onlinedocs/B2355-90742/B2355-90742_top.html&con=/hpux/onlinedocs/B2355-90742/00/00/60-con.html&toc=/hpux/onlinedocs/B2355-90742/00/00/60-toc.html&searchterms=policy%7csecurity&queryid=20020204-141107


watch the sever line wrap, you may have to cut and paste it.

HTH
mark
the future will be a lot like now, only later
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎02-04-2002 08:13 PM

‎02-04-2002 08:13 PM

Re: .netrc file

Other than the warnings in the man pages, there is no special policy...that is something that your security specialist must decide. .netrc and .rhosts as well as /etc/hosts.equiv and even NFS represent very useful ways to share data among many machines. However, the very features that make it useful are the ones that make it vulenerable to attack.

It is imperative that permissions on files such as .rhosts and .netrc NEVER have anything except 600. But these files are only a couple of the dozens of checks you need to make in case this must be a secure system. Start with a good book on HP-UX security:

http://www.hp.com/hpbooks/prentice/ptr_0130330620.html


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.