Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!usc!elroy.jpl.nasa.gov!ncar!news.miami.edu!mthvax!aem From: aem@mthvax.cs.miami.edu (a.e.mossberg) Newsgroups: comp.unix.admin Subject: Re: .rhosts vs. hosts.equiv Message-ID: <1991Jan10.152906.18440@mthvax.cs.miami.edu> Date: 10 Jan 91 15:29:06 GMT References: Reply-To: aem@mthvax.cs.miami.edu Distribution: usa Organization: University of Miami Department of Mathematics & Computer Science Lines: 34 In pete@wvus.wciu.edu (Pete Gregory) writes: >Could someone please describe for me the differences between what $HOME/.rhosts >and /etc/hosts.equiv do for me, with regards to ftp, telnet, rlogin, resh >access from one system to another? /etc/hosts.equiv is global, i.e. for all users (except root) It is typically used when you have several machines that have the same users, but for whatever reason you don't use yellow pages. $HOME/.rhosts is for an inidividual user, who may have accounts on several machines not covered by a global /etc/hosts.equiv /.rhosts is for the root only All .rhosts must be unreadable/unwritable by group and others, and owned by the specific user. The .rhosts and hosts.equiv files specify other machines/users and machines (respectively) which can login *from* other systems. .rhosts and hosts.equiv files *only* cover standard UNIX utilities rlogin and rsh. Telnet and ftp (which are TCP/IP clients not specific to any operating system) do not use them. Ftp does have it's own mechanism for specifying logins *to* other systems, but does so in an unsecure way which should not be used (cleartext passwords in a users $HOME/.netrc file). aem -- aem@mthvax.cs.miami.edu ....................................................... The people of Mesa, Arizona, have 5 times as many telephones as the entire country of Honduras. - The Central American Fact Book