.rhost, hosts.equiv, host files

mromey

Registered
Hiya Everyone,

I'm having some difficulty setting up my .rhost file and getting it to work correctly on my OSX box. Currently I have a few sgi machines. On my SGI machines I have correctly set up my .rhosts file. I'm trying to do the same on my OSX box with no luck. Currently I have edited the following files on both my SGI machines as well as my OSX machine.

/etc/hosts
/etc/hosts.equiv
~/.rhosts

Am I missing something? Is there a way to do this via NetInfo Manager that I haven't tried yet? Idealy I need the ability to RSH into my SGI without being asked for a password or user account. Some one please help

ROMAN
 
First let me say that all of this is being set up behinf the security of a Firewall and I am working off of a private network of me, myself and I. I have also made sure to set up the permissions of all these files accordingly.

Okay I think I got it. On the SGI machines I am logging in from one account name to a similar account name on the machines. But on the OSX box I am logging in from a different named. Currently I haven't set up the hosts.equiv file to manage non similar user accounts. I think this is the problem. Now all I need to do is figure out how to format the user account name in the hosts.equiv file. Anyhone have an idea? Has anyone done something similar?

ROMAN
 
If you read the comments in /etc/hosts you would have known the answer already.

You'll want to look into commands like niutil, niload, and nidump.
 
Getting hosts.equiv and /.rhosts going takes a bit of attention to detail..

First, you need to read the SGI man pages thoroughly..
Pay attention to ownership and permissions on the /.rhosts file, especially.

in either file, include both the IP address of the machines as well as the *completely qualified* hostname. (ie: thismachine.company.com)

The /etc/hosts.equiv would look like:

thismachine.company.com
othermachine.company.com
192.168.1.10
192.168.1.11

for the /.rhosts file, an entry would look like this..

thismachine.company.com root
othermachine.company.com root
192.168.1.10 root
192.168.1.11 root

(in other words, you are specifying "root" as the only user that can log in as root..)

Never assume that the root directory is the home dir for the root user. Some OS'es specify that /var/root or some other location is the home dir for the root user. The man page for rhosts states explicitly that the .rhosts file *must* be in the home location of the root user, NOT in the root directory.. (that is a gotcha that nails me everytime.)

Also:
chown root.sys .rhosts
chmod 644 .rhosts

people tend to forget to do that..

Check NI manager to see where the root's home dir is.. and change it to the root directory, if you wish.
Or , just place the .rhosts file in the root home dir.

Next, the hostname you resolve, must be fully qualified to match the entry in the hosts.equiv / rhosts files..

Again Check NI manager to see that each machine is in the form thismachine.company.com ..

or if you use DNS, the nslookup returns 'thismachine.company.com'

and one more detail, Your group files and passwd files should be somewhat similar. Users and groups should use identical UID and GID numbers. Otherwise you are only going to create a complicated mess for yourself. Authentication goes a lot smoother (ie: seamless) if these numbers are identical. If not, you are opening up a big can 'o worms.

good luck..

bob..
 
Back
Top