HPE Community
Operating System - HP-UX
1833210 Members
2958 Online
110051 Solutions
New Discussion

.rhosts, hosts.equiv

 
SOLVED
Go to solution
TheJuiceman
Super Advisor

‎02-28-2006 02:52 PM

‎02-28-2006 02:52 PM

.rhosts, hosts.equiv

Hey everyone,

I have some questions about .rhosts and hosts.equiv...

1. What/who would need a .rhosts file?
2. Does ServiceGuard require a .rhosts file in /etc/cmcluster?
3. Does Data Protector require a .rhosts file in /root to execute pre/post exec commands on other boxes?
4. What should be in the hosts.equiv file?

I know the answer to these (well, except for a couple), but I'm seeing a few unusual entries that I think need pursuing. I'm just looking for confirmation...so please be gentle LOL
0 Kudos
Reply
10 REPLIES 10
F Verschuren
Esteemed Contributor

‎02-28-2006 07:56 PM

‎02-28-2006 07:56 PM

Re: .rhosts, hosts.equiv

1 noboddy only a host.equiv is needed for mc servicegart, but be aware that in the patch bundele (i think) of jan 2005 there was a bat patch that that corupting clusters only having hosts.equive and not a ~root/.rhosts
2 never seen it there
3 sorry I do not know.
4 man -k hosts.equiv

But what are the problems?
0 Kudos
Reply
Sivakumar TS
Honored Contributor

‎02-28-2006 08:06 PM

‎02-28-2006 08:06 PM

Re: .rhosts, hosts.equiv

Hi,

1. What/who would need a .rhosts file?

This is required to enable remote acess, ie the hosts listed in the .rhosts can do rlogin without password.


2. Does ServiceGuard require a .rhosts file in /etc/cmcluster?

Yes. All nodes should have the other nodes list.


3. What should be in the hosts.equiv file?

This is similar to .rhosts, the difference is hosts.equiv is system wide but .rhosts can be maintained in each users home directory.

Regards,

Siva.
Nothing is Impossible !
0 Kudos
Reply
Devender Khatana
Honored Contributor

‎02-28-2006 08:21 PM

‎02-28-2006 08:21 PM

Re: .rhosts, hosts.equiv

Hi,

Shivkumar FYI,

Service guard does not require .rhosts to be there. Instead cmclnodelist file should be there in /etc/cmcluster having entries for all the nodes. .rhosts file we use initially for conveniently copying files among nodes and it is always recommended to remove .rhosts from all cluster nodes after reconfiguration.

Also DP does not require it as for as I know.

HTH,
Devender
Impossible itself mentions "I m possible"
0 Kudos
Reply
Mohanasundaram_1
Honored Contributor

‎02-28-2006 09:06 PM

‎02-28-2006 09:06 PM

Re: .rhosts, hosts.equiv

Hi,

1. What/who would need a .rhosts file?
the "r" commands like remsh,rcp,rlogin requires this entry.

2. Does ServiceGuard require a .rhosts file in /etc/cmcluster?
Not required in /etc/cmcluster. In fact, you can do away with .rhosts by using cmclnodelist in /etc/cmcluster. Devender's suggestion is a useful one too.

3. Does Data Protector require a .rhosts file in /root to execute pre/post exec commands on other boxes?
No

4. What should be in the hosts.equiv file?

How about using "man hosts.equiv"

With regards,
Mohan.
Attitude, Not aptitude, determines your altitude
0 Kudos
Reply
Nguyen Anh Tien
Honored Contributor

‎03-01-2006 02:32 PM

‎03-01-2006 02:32 PM

Re: .rhosts, hosts.equiv

First of all i will explain what is .rhosts and hosts.equiv file
1, hosts.equiv:
-located at /etc/hosts.equive
- is file that allow/deny all users (have same name on localhost) to access server via ARPA/Berkery services (rlogin, rcp,remsh.rexec, rup,ruptime..)
- this is called as host equivalency
- there is only once file on system
2, .rhosts:
- located at $HOME/.rhosts file
- it deny/allow same user from specific node (IP) to access resource on local hosts
-each user can set up his or her own .rhosts file
- this is call user equivalency
2. Does ServiceGuard require a .rhosts file in /etc/cmcluster?
It is optional, YOu can use /etc/cmcluster/cmnodelist to replace it (better for security)
3. Does Data Protector require a .rhosts file in /root to execute pre/post exec commands on other boxes?
If your script uses ARPA/Berkery services, it is needed. Otherwise not.
4. What should be in the hosts.equiv file?
Host equivalency file used to allow or deny access for specific services
Be careful to grant permission. It is at risk of security
HTH
tienna
HP is simple
0 Kudos
Reply
TheJuiceman
Super Advisor

‎03-28-2006 12:41 PM

‎03-28-2006 12:41 PM

Re: .rhosts, hosts.equiv

Thanks for all the input. Let me describe what I'm wanting to do...

I'm looking to eliminate all .rhosts files on the system. However, I'm not certain on how to go about doing this. Any help is appreciated.
0 Kudos
Reply
TheJuiceman
Super Advisor

‎03-28-2006 01:48 PM

‎03-28-2006 01:48 PM

Re: .rhosts, hosts.equiv

I should say for /root/.rhosts. I don't see how you can eliminate it. Is this true?
0 Kudos
Reply
Muthukumar_5
Honored Contributor

‎03-28-2006 03:50 PM

‎03-28-2006 03:50 PM

Solution

Re: .rhosts, hosts.equiv

Do you want to remove .rhosts files or want to make r* commands not to use .rhosts file when logging?

--
Muthu
Easy to suggest when don't know about the problem!
Reply
TheJuiceman
Super Advisor

‎03-28-2006 03:55 PM

‎03-28-2006 03:55 PM

Re: .rhosts, hosts.equiv

You can do the latter?
0 Kudos
Reply
Jean-Yves Picard
Trusted Contributor

‎03-28-2006 05:58 PM

‎03-28-2006 05:58 PM

Re: .rhosts, hosts.equiv

Hello,

.rhosts are inefective if not rw------- or not owned by user.

you can change their right, and owner.

for x in $(awk -F: '{printf "%s/.rhosts\n",$5}' /etc/passwd )
do
touch $x
chown root:root $x
chmod 444 $x
done

you can narrow awk by using a pattern (like $5 ~ /my/company/dirs/ )

Data Protector et Service Guard don't relay on hosts.equiv as you've been told.

Jean-Yves Picard
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.