Installing and Administering Internet Services
Chapter 2 55
Installing and Configuring Internet Services
Configuring Files to Bypass Security
Configuring Files to Bypass Security
The following files may be used to allow users access to your host without
supplying a password:
• /etc/hosts.equiv, a file owned by user root. This file allows
certain users to connect to your host with rcp, remsh, or rlogin
without supplying a password.
• $HOME/.rhosts, a file that may be created by any user in his or her
home directory. This file allows certain users to connect to your host
with rcp, remsh, or rlogin without supplying a password.
• $HOME/.netrc, a file that may be created by any user in his or her
home directory. This file allows certain users to connect to your host
with ftp or rexec without supplying a password.
CAUTION These files create a significant security risk.
The remshd and rlogind servers can be configured to ignore
$HOME/.rhosts files. See “To Disable Use of $HOME/.rhosts” on page
57.
To Configure the /etc/hosts.equiv File
Each line in the /etc/hosts.equiv file has the following form:
hostname [username]
You can use either a text editor or SAM to configure the
/etc/hosts.equiv file. To run SAM, type sam at the HP-UX prompt.
SAM has an extensive online help facility.
If a user is logged into a host listed in your /etc/hosts.equiv file, and
the user’s login name is listed in your passwd database, the user may
connect to your host with rcp, remsh, or rlogin, and the user will not
be prompted for a password.
If a username is included in /etc/hosts.equiv, only the specified user
on the associated host may connect to your host without supplying a
password. However, the specified user may log in as any user on your
system (except root) without supplying a password.