2 .\" Author: [see the "AUTHOR" section]
3 .\" Generator: DocBook XSL Stylesheets v1.74.0 <http://docbook.sf.net/>
5 .\" Manual: Linux-PAM Manual
6 .\" Source: Linux-PAM Manual
9 .TH "PAM_RHOSTS" "8" "06/21/2011" "Linux-PAM Manual" "Linux\-PAM Manual"
10 .\" -----------------------------------------------------------------
11 .\" * (re)Define some macros
12 .\" -----------------------------------------------------------------
13 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
14 .\" toupper - uppercase a string (locale-aware)
15 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
17 .tr aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ
19 .tr aabbccddeeffgghhiijjkkllmmnnooppqqrrssttuuvvwwxxyyzz
21 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
22 .\" SH-xref - format a cross-reference to an SH section
23 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
32 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
33 .\" SH - level-one heading that works better for non-TTY output
34 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
36 .\" put an extra blank line of space above the head in non-TTY output
43 .nr an-prevailing-indent \\n[IN]
47 .HTML-TAG ".NH \\n[an-level]"
49 .nr an-no-space-flag 1
51 \." make the size of the head bigger
56 .\" if n (TTY output), use uppercase
61 .\" if not n (not TTY), use normal case (not uppercase)
65 .\" if not n (not TTY), put a border/line under subheading
70 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
71 .\" SS - level-two heading that works better for non-TTY output
72 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
77 .nr an-prevailing-indent \\n[IN]
82 .nr an-no-space-flag 1
85 \." make the size of the head bigger
91 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
92 .\" BB/BE - put background/screen (filled box) around block of text
93 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
106 .if "\\$2"adjust-for-leading-newline" \{\
114 .nr BW \\n(.lu-\\n(.i
117 .ie "\\$2"adjust-for-leading-newline" \{\
118 \M[\\$1]\h'1n'\v'+.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
121 \M[\\$1]\h'1n'\v'-.5v'\D'P \\n(BWu 0 0 \\n(BHu -\\n(BWu 0 0 -\\n(BHu'\M[]
132 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
133 .\" BM/EM - put colored marker in margin next to block of text
134 .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
151 \M[\\$1]\D'P -.75n 0 0 \\n(BHu -(\\n[.i]u - \\n(INu - .75n) 0 0 -\\n(BHu'\M[]
159 .\" -----------------------------------------------------------------
160 .\" * set default formatting
161 .\" -----------------------------------------------------------------
162 .\" disable hyphenation
164 .\" disable justification (adjust text to left margin only)
166 .\" -----------------------------------------------------------------
167 .\" * MAIN CONTENT STARTS HERE *
168 .\" -----------------------------------------------------------------
170 pam_rhosts \- The rhosts PAM module
173 .HP \w'\fBpam_rhosts\&.so\fR\ 'u
174 \fBpam_rhosts\&.so\fR
178 This module performs the standard network authentication for services, as used by traditional implementations of
184 The authentication mechanism of this module is based on the contents of two files;
185 \FC/etc/hosts\&.equiv\F[]
187 \FC~/\&.rhosts\F[]\&. Firstly, hosts listed in the former file are treated as equivalent to the localhost\&. Secondly, entries in the user\'s own copy of the latter file is used to map "\fIremote\-host remote\-user\fR" pairs to that user\'s account on the current host\&. Access is granted to the user if their host is present in
188 \FC/etc/hosts\&.equiv\F[]
189 and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file\&.
191 The module authenticates a remote user (internally specified by the item
193 connecting from the remote host (internally specified by the item
194 \fBPAM_RHOST\fR)\&. Accordingly, for applications to be compatible this authentication module they must set these items prior to calling
195 \fBpam_authenticate()\fR\&. The module is not capable of independently probing the network connection for such information\&.
200 Print debug information\&.
205 Don\'t print informative messages\&.
208 \fBsuperuser=\fR\fB\fIaccount\fR\fR
214 .SH "MODULE TYPES PROVIDED"
218 module type is provided\&.
223 The remote host, remote user name or the local user name couldn\'t be determined or access was denied by
230 User is not known to system\&.
234 To grant a remote user access by
235 \FC/etc/hosts\&.equiv\F[]
240 add the following lines to
241 \FC/etc/pam\&.d/rsh\F[]:
252 .BB lightgray adjust-for-leading-newline
257 auth required pam_rhosts\&.so
258 auth required pam_nologin\&.so
259 auth required pam_env\&.so
260 auth required pam_unix\&.so
262 .EB lightgray adjust-for-leading-newline
277 \fBhosts.equiv\fR(5),
284 pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk\&.de>