Xref: utzoo comp.unix.shell:1006 alt.sys.sun:2204 alt.security:1749 Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!samsung!olivea!apple!agate!sag4.ssl.berkeley.edu!gckaplan From: gckaplan@sag4.ssl.berkeley.edu (George C. Kaplan) Newsgroups: comp.unix.shell,alt.sys.sun,alt.security Subject: Re: ~/.rhosts: put my username in there too? Message-ID: <1990Dec1.084015.16170@agate.berkeley.edu> Date: 1 Dec 90 08:40:15 GMT References: <1990Oct28.074642.6337@cbnewse.att.com> <27236@mimsy.umd.edu> <1990Oct30.194948.2439@eua.ericsson.se> Sender: usenet@agate.berkeley.edu (USENET Administrator) Organization: University of California, Berkeley Lines: 17 In article <1990Oct30.194948.2439@eua.ericsson.se> per@erix.ericsson.se (Per Hedeland) writes: >There is however one case where the presence of a username can make a >difference, namely if two or more users (=usernames) share a home directory Usernames in ~/.rhosts files can also be useful to control access to shared accounts. At our site there are several special-purpose group accounts that can each be used by several people. (Don't ask why). Rather than set these up as normal accounts, with passwords that gradually become widely known, we're now setting them up with no acceptable password (ie. a '*' in the passwd field), so you can't just login. Instead, the authorised users are in the ~/.rhosts file; they login as themselves first, then rlogin to the group account. George C. Kaplan Internet: gckaplan@ssl.berkeley.edu Center for EUV Astrophysics gckaplan%ssl@jade.berkeley.edu University of California UUCP: ...!ucbvax!sunspot.ssl!gckaplan Berkeley, CA 94720 (415) 643-5651