The authentication mechanism of this module is based on the contents of two files; /etc/hosts.equiv (or and ~/.rhosts. Firstly, hosts listed in the former file are treated as equivalent to the localhost. Secondly, entries in the user's own copy of the latter file is used to map "remote-host remote-user" pairs to that user's account on the current host. Access is granted to the user if their host is present in /etc/hosts.equiv and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file.
The module authenticates a remote user (internally specified by the item PAM_RUSER connecting from the remote host (internally specified by the item PAM_RHOST). Accordingly, for applications to be compatible this authentication module they must set these items prior to calling pam_authenticate(). The module is not capable of independently probing the network connection for such information.
OPTIONS
- debug
- Print debug information.
- silent
- Don't print informative messages.
- superuser=account
- Handle account as root.
MODULE SERVICES PROVIDED
Only the auth service is supported.
RETURN VALUES
- PAM_AUTH_ERR
- The remote host, remote user name or the local user name couldn't be determined or access was denied by .rhosts file.
- PAM_USER_UNKNOWN
- User is not known to system.
EXAMPLES
To grant a remote user access by /etc/hosts.equiv or .rhosts for rsh add the following lines to /etc/pam.d/rsh:
-
#%PAM-1.0 # auth required pam_rhosts.so auth required pam_nologin.so auth required pam_env.so auth required pam_unix.so
SEE ALSO
rootok(3), hosts.equiv(5), rhosts(5), pam.conf(5), pam.d(8), pam(8)
AUTHOR
pam_rhosts was written by Thorsten Kukuk <kukuk@thkukuk.de>
Index
- NAME
- SYNOPSIS
- DESCRIPTION
- OPTIONS
- MODULE SERVICES PROVIDED
- RETURN VALUES
- EXAMPLES
- SEE ALSO
- AUTHOR
|
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |