Linux .rhosts /etc/hosts.equiv

 


Hi,

I want to allow any user on host a to rsh to host b as user dummy.
In other OS I can put '+' in ~.rhosts for the username.
In RH Linux I have to put every username in ~.rhosts if it should work.
But I need a solution that any user on host a (HP-UX) may do a remsh host_a -l dummy. (remote shell only for user dummy and not more!)
ssh isn't a solution because the applications use rsh (remsh).

Mark Fenton
Esteemed Contributor

Re: Linux .rhosts /etc/hosts.equiv

Won't /etc/hosts.equiv allow this?

man hosts.equiv for more detail.

Mark

Re: Linux .rhosts /etc/hosts.equiv

The error wasn't the rhosts file or hosts.equiv.

server + is o.k. but the "+" isn't enabled by default on RH 7.1 ...
Solution:
Edit /etc/pam.d/rsh
Add promiscuous after pam_rhosts_auth.so

man pages for rhosts and hosts.equiv aren't helpful.
The Pam Admin Doc helps.
Steven E. Protter
Exalted Contributor

Re: Linux .rhosts /etc/hosts.equiv

If these machines are exposed on the Internet, make sure you have an ipchains firewall on the Linux side.

On the HP-UX side /hosts.equiv overrides .rhosts files, brings things under administrator's control. With a /var/adm/inetd.sec file you can restrict users by network address (only 10.1.10 for example) and protocol. You can and should stop telnet, and be choosy about what other protocols you let through.

I highly recommend this for the HP-UX side otherwise the world can get on your HP-UX box.
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
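
A defensive check for the configuration discussed in this thread, as an added example that is not part of any poster's reply: it reports whether `promiscuous` is set on `pam_rhosts_auth.so` and lists `+` wildcard entries in rhosts-style files. The function names and the paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: audit rsh trust settings (promiscuous PAM option, '+' entries).

# Exit status 0 if an uncommented pam_rhosts_auth.so line carries "promiscuous".
# $1: PAM service file, e.g. /etc/pam.d/rsh
pam_rsh_promiscuous() {
    awk '
        /^[ \t]*#/ { next }                      # skip commented-out lines
        /pam_rhosts_auth\.so/ {
            for (i = 1; i <= NF; i++) if ($i == "promiscuous") found = 1
        }
        END { exit !found }
    ' "$1"
}

# Print every entry of a .rhosts / hosts.equiv style file that uses '+'.
# Format is "host [user]"; a missing user field means the same-named user.
# $1: file to inspect
rhosts_wildcards() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
        {
            h = ($1 == "+") ? "ANY" : $1
            u = (NF < 2) ? "same-name" : (($2 == "+") ? "ANY" : $2)
            if (h == "ANY" || u == "ANY")
                print FILENAME ":" FNR ": host=" h " user=" u
        }
    ' "$1"
}

# $1: PAM file; remaining arguments: rhosts-style files to inspect.
audit_rsh_trust() {
    pam=$1; shift
    if [ -r "$pam" ] && pam_rsh_promiscuous "$pam"; then
        echo "$pam: pam_rhosts_auth.so has 'promiscuous', so '+' entries are honoured"
    fi
    for f in "$@"; do
        if [ -r "$f" ]; then rhosts_wildcards "$f"; fi
    done
    return 0
}

# Usage (paths are assumptions):
#   sh audit.sh /etc/pam.d/rsh /etc/hosts.equiv /home/dummy/.rhosts
if [ "$#" -gt 0 ]; then audit_rsh_trust "$@"; fi
```
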