What Is the "rhosts" Mechanism in Linux/Unix?

Man using computer at kitchen table

Hero Images / Getty Images

rhosts: On UNIX, the "rhosts" mechanism allows one system to trust another system. This means that if a user logs onto one UNIX system, they can further log onto any other system that trusts it. Only certain programs will use this file: rsh tells the system to open a remote "shell" and run the specified program. rlogin creates an interactive Telnet session on the other computer. Key point: A common backdoor is to place the entry "+ +" in the rhosts file. This tells the system to trust everybody. Key point: The file simply contains a list of named hosts or IP addresses. Sometimes the hacker can forge DNS information in order to convince the victim that he has the same name as a trusted system. Alternatively, a hacker can sometimes spoof the IP address of a trusted system. See also: hosts.equiv

Source: Hacking-Lexicon / Linux Dictionary V 0.16 (Author: Binh Nguyen)