-

Anyone know whether a /etc/hosts.equiv file is necessary for anything
- SSH, HTTPD, etc...? Assuming, of course, that one does NOT want to
permit other machines to access without any sort of password
challenge... Seems some of those _other_ distro's (that shall remain
nameless) don't even have a default one included. Slack seems to have
only localhost in it, but is it even needed?

--
-Edd
++++++++++++++++++

On Fri, 16 Apr 2004 22:00:47 +0000, Edd wrote:

> Anyone know whether a /etc/hosts.equiv file is necessary for anything

Yes i know, and you probably don't need it at all ...

man hosts.equiv

> - SSH,

Can be configured to use that. It also supports more secure methods.
Thus i'd consider this method deprecated.

man slogin

> HTTPD,

No.

> etc...?

Idunno what you mean by that.

> Assuming, of course, that one does NOT want to permit other machines to
> access without any sort of password challenge...

Why not? SSH can use hostkey autentication:
http://www.google.com/groups?selm=pa...eskt op.local

And you can (and in most cases should) set a passphrase on that key.

Or if you admin losts of systems, patch it to use GSSAPI (ie: Krb5):
http://www.sxw.org.uk/computing/patches/openssh.html

But ofcource, you'd need to setup a KDC, then:
http://www.google.nl/groups?selm=pan...eskt op.local

> Seems some of those _other_ distro's (that shall remain nameless) don't
> even have a default one included.

Ok. Now you have me wondering which distros ...

> Slack seems to have only localhost in it, but is it even needed?

No.
(If anyone does need it, they probably very well know what for.)

--
-Menno.

On Fri, 16 Apr 2004 22:00:47 GMT
Edd <Edd@24.211.186.50> wrote:

> -
>
> Anyone know whether a /etc/hosts.equiv file is necessary
> for anything
> - SSH, HTTPD, etc...? Assuming, of course, that one does NOT
> want to permit other machines to access without any sort of
> password challenge... Seems some of those _other_ distro's
> (that shall remain nameless) don't even have a default one
> included. Slack seems to have only localhost in it, but is it
> even needed?

Only needed if you have a local network at your home amd want to
hop around as root from machine to machine using rlogin or such.

I find it usefull when I call in or connect to my web server
from someother place and I start a shell on the gateway, but
really want to hop to another local machine.

TonyB

--
__ __ _ I N C. http://www.sysdev.org
/ __|\\// __|| \ __ __ / tonyb@sysdev.org
\__ \ \/\__ \||)|/ O_)\/ / \/ System Tools / Utilities
|___/ || ___/|_ /\___|\_/ WIntel / Linux Device Drivers

Edd wrote:
> -
>
> Anyone know whether a /etc/hosts.equiv file is necessary for anything
> - SSH, HTTPD, etc...? Assuming, of course, that one does NOT want to
> permit other machines to access without any sort of password
> challenge... Seems some of those _other_ distro's (that shall remain
> nameless) don't even have a default one included. Slack seems to have
> only localhost in it, but is it even needed?
>

It use to be necessary for the lpd printer driver. Don't
know if this is still true (I doubt it.)

Homer Welch <hjwxxx@comcast.net> wrote:
> It use to be necessary for the lpd printer driver. Don't
> know if this is still true (I doubt it.)

There is a separate "hosts.lpd" file for that.
Hosts.equiv is mostly used (AND needed) if you want to allow
password-less rsh (including rsync) for NON-privileged users (it is
NOT needed nor used for the root user!).
The root user is provided for by its own ".rhosts", so as I said,
the hosts.equiv basically tells the system that "those other systems"
have the same (normal) users, and they should be allowed access UNDER
the same USERNAME without prompting for a password.
So hosts.allow is mostly used when you have a central user base within
a local net.
--
************************************************** ******************
** Eef Hartman, Delft University of Technology, dept. EWI/TW **
** e-mail: E.J.M.Hartman@math.tudelft.nl, fax: +31-15-278 7295 **
** snail-mail: P.O. Box 5031, 2600 GA Delft, The Netherlands **
************************************************** ******************

Eef Hartman wrote:
> Homer Welch <hjwxxx@comcast.net> wrote:
>
>>It use to be necessary for the lpd printer driver. Don't
>>know if this is still true (I doubt it.)
>
>
> There is a separate "hosts.lpd" file for that.

But the lpd manual page from my latest distribution,
Slackware 8.1, says the following:

/etc/hosts.equiv lists machine names allowed printer
access
/etc/hosts.lpd lists machine names allowed printer
access, but not under same
administrative control.

When I tried to get remote printing to work after updating
some packages (ssh and apsfilter) in my print server (Slack
3.1), I needed to list the hosts in hosts.equiv. Looking in
lpd.c it appears that the daemon only looks in hosts.equiv.
Thats from memory, so the details may not be exactly
right, but hosts.lpd did not work for me, and hosts.equiv did.

[rest snipped]