Under your home directory create a file called ".rhosts" this text file can
contain to fields.
The first field is the host name and the second field is the username.
linux.domain.com tom
school.domain.edu tsmith
work.domain.com smith2
For this example, lets say this file is located on machine "home.domain.net"
This file feeds the "r*" programs, the most common ones are "rsh", "rlogin",
"rexec"
When you are logged in on the "linux.domain.com" as userid "tom" you can do
a rlogin (Remote LOGIN) from your current machine to the other without
getting asked for a password
`rlogin linux.domain.com`
but if you are userid is try a `rlogin dot.slashdot.org` it will not work
since your don't have an account on that machine.
`rsh` if I remember correctly gives you a remote shell and `rexec` is a
really neat command, it allows you to execute any command on another system
without asking for a password.
I once created a shell script that used `rexec` allot, then I made a icon
out of the shell script, then I could single click and BAM. It would run
`rexec` and setup the display environment, then execute Eterm, without
asking for a password, without having to start an xterm window up, etc. It
worked just like a normal icon, I though that was kinda neat. Anyway...
Also note that there is a wildcard "+" if you put
+ +
in your .rhosts file, it is not good. That basically means anyone, anywhere
can login and / or execute any command on the system as your. Which is not
good. Please don't do it.
You will want to keep the ".rhosts" file as clean as possible, make sure you
trust every host and every userid in there.
man rlogin; man rsh; man rexec;
There is also a file called "/etc/rhosts.equliv" or something like that, I
forget. I know it has something to do with all the "r*" programs, but not
really sure what. If you running any "r*" programs out of `inetd` you might
want to check and see what this "/etc/rhosts.equilv" file is for. I know if
this file isn't configured properly you could run into some wildly crackers
that could and would exploit it...
the "r*" commands as they are referred to; have had allot of security
'issues' with them in the past, so remember to keep them clean, read up on
them, and oh yea, and this is the most important part; use at your own risk
:)
Jack
----- Original Message -----
From: Eugene <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, December 14, 1999 10:03 AM
Subject: Re: Remote hosts file
>
>
> > .rhosts i dont know, never used it, so it cant be
> > all that important, on
> > the otherhand you possably mean /etc/hosts the place
> > where hosts are
> > defined by thier ip#.
>
> Thanks for the info, but I meant .rhosts. The most I
> know about this file is that it enables the remote
> hosts to access your machine without asking for userID
> and passwords (if your userIDs on remote and your
> machine are the same). This file should be especially
> useful for newbies like us because in case of
> emergency it would be possible to access the machine
> from remote host.
> But, as you see, this knowledge is not enough to set
> up such file. So does anyone know how to do it?
>
>
>
> =====
> <|>
> Eugene
> __________________________________________________
> Do You Yahoo!?
> Thousands of Stores. Millions of Products. All in one place.
> Yahoo! Shopping: http://shopping.yahoo.com
