Security Risks When Using the /etc/hosts.equiv File (System Administration Guide: Resource Management and Network Services)

System Administration Guide: Resource Management and Network Services

Previous: Chapter 43 Administering the FTP Server (Tasks)
Next: .rhosts File

Security Risks When Using the `/etc/hosts.equiv` File

The /etc/hosts.equiv file presents a security risk. If you maintain a /etc/hosts.equiv file on your system, you should include only trusted hosts in your network. The file should not include any host that belongs to a different network, or any machines that are in public areas. For example, do not include a host that is located in a terminal room.

The use of hosts that are not trusted can create a serious security problem. Either replace the /etc/hosts.equiv file with a correctly configured one, or remove the file altogether.

A single line of + in the /etc/hosts.equiv file indicates that every known host is trusted.

Previous: Chapter 43 Administering the FTP Server (Tasks)
Next: .rhosts File