'\" t
.\" Title: pam_rhosts
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets v1.78.1
.\" Date: 09/19/2013
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
.TH "PAM_RHOSTS" "8" "09/19/2013" "Linux-PAM Manual" "Linux\-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
pam_rhosts \- The rhosts PAM module
.SH "SYNOPSIS"
.HP \w'\fBpam_rhosts\&.so\fR\ 'u
\fBpam_rhosts\&.so\fR
.SH "DESCRIPTION"
.PP
This module performs the standard network authentication for services, as used by traditional implementations of
\fBrlogin\fR
and
\fBrsh\fR
etc\&.
.PP
The authentication mechanism of this module is based on the contents of two files;
/etc/hosts\&.equiv
(or and
~/\&.rhosts\&. Firstly, hosts listed in the former file are treated as equivalent to the localhost\&. Secondly, entries in the user\*(Aqs own copy of the latter file is used to map "\fIremote\-host remote\-user\fR" pairs to that user\*(Aqs account on the current host\&. Access is granted to the user if their host is present in
/etc/hosts\&.equiv
and their remote account is identical to their local one, or if their remote account has an entry in their personal configuration file\&.
.PP
The module authenticates a remote user (internally specified by the item
\fIPAM_RUSER\fR
connecting from the remote host (internally specified by the item
\fBPAM_RHOST\fR)\&. Accordingly, for applications to be compatible this authentication module they must set these items prior to calling
\fBpam_authenticate()\fR\&. The module is not capable of independently probing the network connection for such information\&.
.SH "OPTIONS"
.PP
\fBdebug\fR
.RS 4
Print debug information\&.
.RE
.PP
\fBsilent\fR
.RS 4
Don\*(Aqt print informative messages\&.
.RE
.PP
\fBsuperuser=\fR\fB\fIaccount\fR\fR
.RS 4
Handle
\fIaccount\fR
as root\&.
.RE
.SH "MODULE TYPES PROVIDED"
.PP
Only the
\fBauth\fR
module type is provided\&.
.SH "RETURN VALUES"
.PP
PAM_AUTH_ERR
.RS 4
The remote host, remote user name or the local user name couldn\*(Aqt be determined or access was denied by
\&.rhosts
file\&.
.RE
.PP
PAM_USER_UNKNOWN
.RS 4
User is not known to system\&.
.RE
.SH "EXAMPLES"
.PP
To grant a remote user access by
/etc/hosts\&.equiv
or
\&.rhosts
for
\fBrsh\fR
add the following lines to
/etc/pam\&.d/rsh:
.sp
.if n \{\
.RS 4
.\}
.nf
#%PAM\-1\&.0
#
auth required pam_rhosts\&.so
auth required pam_nologin\&.so
auth required pam_env\&.so
auth required pam_unix\&.so
.fi
.if n \{\
.RE
.\}
.sp
.SH "SEE ALSO"
.PP
\fBrootok\fR(3),
\fBhosts.equiv\fR(5),
\fBrhosts\fR(5),
\fBpam.conf\fR(5),
\fBpam.d\fR(5),
\fBpam\fR(7)
.SH "AUTHOR"
.PP
pam_rhosts was written by Thorsten Kukuk