What is the difference between "/etc/hosts.equiv" AND ".rhosts" ?

chrism01 · 08-06-2009, 11:46 PM

You may find this useful http://www.informit.com/articles/art...p=169465&rll=1
But in any case, avoid plaintext protocols if possible eg rsh, rcp, remsh, rlogin, telnet etc

Telo · 05-24-2020, 09:39 PM

Looks like ssh Host-based authentication shouldn't be used at all any more! See:

https://www.stigviewer.com/stig/red_...inding/V-11988

Quote:

There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system.

Overview
Finding ID Version Rule ID IA Controls Severity
V-11988 GEN002040 SV-37370r1_rule ECCD-1 ECCD-2 High
Description
The .rhosts, .shosts, hosts.equiv, and shosts.equiv files are used to configure host-based authentication for individual users or the system. Host-based authentication is not sufficient for preventing unauthorized access to the system.
STIG Date
Red Hat Enterprise Linux 5 Security Technical Implementation Guide 2017-03-01

Details
Check Text ( C-36057r1_chk )
Check for the existence of the files.

# find / -name .rhosts
# find / -name .shosts
# find / -name hosts.equiv
# find / -name shosts.equiv

If .rhosts, .shosts, hosts.equiv, or shosts.equiv are found and their use has not been documented and approved by the IAO, this is a finding.
Fix Text (F-31301r1_fix)
Remove all the r-commands access control files.

Procedure:
# find / -name .rhosts -exec rm {} \;
# find / -name .shosts -exec rm {} \;
# find / -name hosts.equiv -exec rm {} \;
# find / -name shosts.equiv -exec rm {} \;

jlliagre · 05-25-2020, 07:08 AM

Quote:

Originally Posted by Telo

Looks like ssh Host-based authentication shouldn't be used at all any more!

This recommendation was already given twelve years ago in this very thread...

By the way, while it doesn't make a lot of difference in that precise case, beware that advice related to Linux do not necessarily apply to Solaris, and reciprocally.