What Is the "rhosts" Mechanism in Linux/Unix?

man using computer at kitchen table
Hero Images/Getty Images


rhosts: On UNIX, the "rhosts" mechanism allows one system to trust another system. This means that if a user logs onto one UNIX system, they can further log onto any other system that trusts it. Only certain programs will use this file: rsh Tells the system to open a remote "shell" and run the specified program. rlogin Creates an interactive Telnet session on the other computer. Key point: A common backdoor is to place the entry "+ +" in the rhosts file. This tells the system to trust everybody. Key point: The file simply contains a list of named hosts or IP addresses. Sometime the hacker can forge DNS information in order to convince the victim that he has the same name as a trusted system. Alternately, a hacker can sometimes spoof the IP address of a trusted system. See also: hosts.equiv

Source: Hacking-Lexicon / Linux Dictionary V 0.16 (Author: Binh Nguyen)