01-18-2002
thalex
The main problem with /etc/hosts.equiv is that it is a VERY bad security hole.
By using IP spoofing, anyone can break into your system. There are other good ways to check the users when the login.
If someone can login as one of your users via /etc/hosts.equiv that could be very dangerous.
Is /etc/securetty an option?
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
hi, we can set something such that if the user has been idle for a while, it will auto disconnect. where to do so? thanks (6 Replies)
Discussion started by: yls177
6 Replies
2. UNIX for Advanced & Expert Users
I am using Tru64UX 5.1a on alphaserver 4100.
Users access the application through Telnet sessions to this server.
My requirement is to limit the users login through their PCs only.
Is there any way I can accomplish this on the unix box ?
I want to include a script in the .profile ( or... (1 Reply)
Discussion started by: shauche
1 Replies
3. Shell Programming and Scripting
Dear friends..
Our project has a module that runs on handheld devices. Through the handheld we telnet to solaris where the application actually runs. I noticed that after starting a session through the handheld, if i go out of range or if i remove and replace the battery in the handheld, the... (1 Reply)
Discussion started by: deepsteptom
1 Replies
4. Shell Programming and Scripting
{
sleep 2
echo "$user"
sleep 2
echo "$password"
sleep 2
echo " ls"
sleep 10
echo "exit"
}| telnet $server
I have a machine x and i have executed the above script on machine 'x'.
i entered the... (6 Replies)
Discussion started by: pathanjalireddy
6 Replies
5. IP Networking
The situation:
a Unix system (UnixWare 7.1.3) to which are connected other systems;
various p.c. on the LAN that they connect Unix to the system via TelNet.
The problem:
I need to intercept the address IP of the p.cs. connected via telnet to the Unix system.
Particularly, I have to know the... (2 Replies)
Discussion started by: paololrp
2 Replies
6. UNIX for Dummies Questions & Answers
Hi
Is there any way whilst in a telnet session you can view your client machine name that you are using to connect to the Unix box ? :eek: (2 Replies)
Discussion started by: mlucas
2 Replies
7. UNIX for Dummies Questions & Answers
Hello,
I have AIX 5.3 at home connected to netgear router. Port Forwarding has been enabled on the router. Problem is that if I want to telnet, I have to try 2 or 3 times before I can get a logon prompt. It times out for first or second time (Connection to session <IP_Address> failed: Connection... (1 Reply)
Discussion started by: bluebee
1 Replies
8. UNIX for Dummies Questions & Answers
How can I disconnect an existing telnet session? The host is a serial port server with multiple ports. The users login using the host's name and a port, i.e. telnet host01 1235.
Thanks. (14 Replies)
Discussion started by: cooldude
14 Replies
9. HP-UX
Our network administrators implemented some sort of check to kill idle sessions and now burden is on us to run some sort of keep alive. Client based keep alive doesn't do a very good job. I have same issue with ssh. Does solution 2 provided above apply for ssh sessions also? (1 Reply)
Discussion started by: yoda9691
1 Replies
LEARN ABOUT FREEBSD
hosts.equiv
HOSTS.EQUIV(5) BSD File Formats Manual HOSTS.EQUIV(5)
NAME
hosts.equiv, .rhosts -- trusted remote host and user name data base
DESCRIPTION
The hosts.equiv and .rhosts files contain information regarding trusted hosts and users on the network. For each host a single line should
be present with the following information:
simple
hostname [username]
or the more verbose
[+-][hostname|@netgroup] [[+-][username|@netgroup]]
A ``@'' indicates a host by netgroup or user by netgroup. A single ``+'' matches all hosts or users. A host name with a leading ``-'' will
reject all matching hosts and all their users. A user name with leading ``-'' will reject all matching users from matching hosts.
Items are separated by any number of blanks and/or tab characters. A ``#'' indicates the beginning of a comment; characters up to the end of
the line are not interpreted by routines which search the file.
Host names are specified in the conventional Internet DNS dotted-domains ``.'' (dot) notation using the inet_addr(3) routine from the Inter-
net address manipulation library, inet(3). Host names may contain any printable character other than a field delimiter, newline, or comment
character.
For security reasons, a user's .rhosts file will be ignored if it is not a regular file, or if it is not owned by the user, or if it is
writable by anyone other than the user.
FILES
/etc/hosts.equiv The hosts.equiv file resides in /etc.
$HOME/.rhosts .rhosts file resides in $HOME.
EXAMPLES
bar.com foo
Trust user ``foo'' from host ``bar.com''.
+@allclient
Trust all hosts from netgroup ``allclient''.
+@allclient -@dau
Trust all hosts from netgroup ``allclient'' and their users except users from netgroup ``dau''.
SEE ALSO
rcp(1), rlogin(1), rsh(1), gethostbyname(3), inet(3), innetgr(3), ruserok(3), netgroup(5), ifconfig(8), yp(8)
BUGS
This manual page is incomplete. For more information read the source in src/lib/libc/net/rcmd.c or the SunOS manual page.
BSD
December 25, 2013 BSD