191 lines
4.0 KiB
HTML
191 lines
4.0 KiB
HTML
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML><HEAD><TITLE>Man page of PAM_RHOSTS</TITLE>
|
|
</HEAD><BODY>
|
|
<H1>PAM_RHOSTS</H1>
|
|
Section: Linux-PAM Manual (8)<BR>Updated: 05/18/2017<BR><A HREF="#index">Index</A>
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAB"> </A>
|
|
<H2>NAME</H2>
|
|
|
|
pam_rhosts - The rhosts PAM module
|
|
<A NAME="lbAC"> </A>
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
<DL COMPACT>
|
|
<DT id="1">
|
|
<B>pam_rhosts.so</B>
|
|
</DL>
|
|
<A NAME="lbAD"> </A>
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
<P>
|
|
|
|
<DD>This module performs the standard network authentication for services, as used by traditional implementations of
|
|
<B>rlogin</B>
|
|
and
|
|
<B>rsh</B>
|
|
etc.
|
|
<P>
|
|
|
|
The authentication mechanism of this module is based on the contents of two files;
|
|
/etc/hosts.equiv
|
|
(or and
|
|
~/.rhosts. Firstly, hosts listed in the former file are treated as equivalent to the localhost. Secondly, entries in the user's own copy of the latter file is used to map "<I>remote-host remote-user</I>" pairs to that user's account on the current host. Access is granted to the user if their host is present in
|
|
/etc/hosts.equiv
|
|
and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file.
|
|
<P>
|
|
|
|
The module authenticates a remote user (internally specified by the item
|
|
<I>PAM_RUSER</I>
|
|
connecting from the remote host (internally specified by the item
|
|
<B>PAM_RHOST</B>). Accordingly, for applications to be compatible this authentication module they must set these items prior to calling
|
|
<B>pam_authenticate()</B>. The module is not capable of independently probing the network connection for such information.
|
|
<A NAME="lbAE"> </A>
|
|
<H2>OPTIONS</H2>
|
|
|
|
<P>
|
|
|
|
<B>debug</B>
|
|
<DL COMPACT><DT id="2"><DD>
|
|
Print debug information.
|
|
</DL>
|
|
|
|
<P>
|
|
|
|
<B>silent</B>
|
|
<DL COMPACT><DT id="3"><DD>
|
|
Don't print informative messages.
|
|
</DL>
|
|
|
|
<P>
|
|
|
|
<B>superuser=</B><B></B><I>account</I>
|
|
<DL COMPACT><DT id="4"><DD>
|
|
Handle
|
|
<I>account</I>
|
|
as root.
|
|
</DL>
|
|
|
|
<A NAME="lbAF"> </A>
|
|
<H2>MODULE TYPES PROVIDED</H2>
|
|
|
|
<P>
|
|
|
|
Only the
|
|
<B>auth</B>
|
|
module type is provided.
|
|
<A NAME="lbAG"> </A>
|
|
<H2>RETURN VALUES</H2>
|
|
|
|
<P>
|
|
|
|
PAM_AUTH_ERR
|
|
<DL COMPACT><DT id="5"><DD>
|
|
The remote host, remote user name or the local user name couldn't be determined or access was denied by
|
|
.rhosts
|
|
file.
|
|
</DL>
|
|
|
|
<P>
|
|
|
|
PAM_USER_UNKNOWN
|
|
<DL COMPACT><DT id="6"><DD>
|
|
User is not known to system.
|
|
</DL>
|
|
|
|
<A NAME="lbAH"> </A>
|
|
<H2>EXAMPLES</H2>
|
|
|
|
<P>
|
|
|
|
To grant a remote user access by
|
|
/etc/hosts.equiv
|
|
or
|
|
.rhosts
|
|
for
|
|
<B>rsh</B>
|
|
add the following lines to
|
|
/etc/pam.d/rsh:
|
|
<P>
|
|
<DL COMPACT><DT id="7"><DD>
|
|
|
|
|
|
|
|
<PRE>
|
|
#%PAM-1.0
|
|
#
|
|
auth required pam_rhosts.so
|
|
auth required pam_nologin.so
|
|
auth required pam_env.so
|
|
auth required pam_unix.so
|
|
|
|
</PRE>
|
|
|
|
</DL>
|
|
|
|
|
|
|
|
|
|
<P>
|
|
<A NAME="lbAI"> </A>
|
|
<H2>SEE ALSO</H2>
|
|
|
|
<P>
|
|
|
|
<B><A HREF="/cgi-bin/man/man2html?3+rootok">rootok</A></B>(3),
|
|
<B><A HREF="/cgi-bin/man/man2html?5+hosts.equiv">hosts.equiv</A></B>(5),
|
|
<B><A HREF="/cgi-bin/man/man2html?5+rhosts">rhosts</A></B>(5),
|
|
<B><A HREF="/cgi-bin/man/man2html?5+pam.conf">pam.conf</A></B>(5),
|
|
<B><A HREF="/cgi-bin/man/man2html?5+pam.d">pam.d</A></B>(5),
|
|
<B><A HREF="/cgi-bin/man/man2html?7+pam">pam</A></B>(7)
|
|
<A NAME="lbAJ"> </A>
|
|
<H2>AUTHOR</H2>
|
|
|
|
<P>
|
|
|
|
pam_rhosts was written by Thorsten Kukuk <<A HREF="mailto:kukuk@thkukuk.de">kukuk@thkukuk.de</A>>
|
|
<P>
|
|
|
|
<HR>
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
<DL>
|
|
<DT id="8"><A HREF="#lbAB">NAME</A><DD>
|
|
<DT id="9"><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
<DT id="10"><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
<DT id="11"><A HREF="#lbAE">OPTIONS</A><DD>
|
|
<DT id="12"><A HREF="#lbAF">MODULE TYPES PROVIDED</A><DD>
|
|
<DT id="13"><A HREF="#lbAG">RETURN VALUES</A><DD>
|
|
<DT id="14"><A HREF="#lbAH">EXAMPLES</A><DD>
|
|
<DT id="15"><A HREF="#lbAI">SEE ALSO</A><DD>
|
|
<DT id="16"><A HREF="#lbAJ">AUTHOR</A><DD>
|
|
</DL>
|
|
<HR>
|
|
This document was created by
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
using the manual pages.<BR>
|
|
Time: 00:06:14 GMT, March 31, 2021
|
|
</BODY>
|
|
</HTML>
|