A .rhosts file is a configuration file that enables trust-based authentication for remote access on UNIX-like systems. It is historically associated with the Berkeley โr-commandsโ (rlogin, rsh, and rcp) and lets a user bypass password prompts when connecting from listed remote hosts under specified usernames. Although modern systems primarily use SSH for secure remote access, .rhosts still appears in certain legacy environments.
What Is the .rhosts File?
The .rhosts file is a user-level configuration file stored in the userโs home directory. It tells r-commands which remote hosts and corresponding usernames can be allowed to execute commands or log in without providing a password.
When you issue an rlogin or rsh command, for example, the local system checks the .rhosts file of the target account to decide whether to trust the remote userโs request. If a line in the file matches the connecting host and username, the connection proceeds without requiring credentials.
Here are the defining characteristics of .rhosts:
- It is a plain text file stored under a userโs home directory (for instance, /home/username/.rhosts).
- Each line typically contains a hostname (or IP address) followed by a username.
- An entry indicates that the specified remote user on that host is trusted for password-less access to the local account.
What Is .rhosts Used For?
Here are the functions of .rhosts:
- Password-less remote logins. Users set up .rhosts entries to avoid typing passwords when logging in from a trusted host. Scripts and automated processes benefited from this approach because they could initiate repeated connections without manual intervention.
- Remote command execution. System administrators often used rsh to run commands on multiple machines. The .rhosts entries allowed trusted remote hosts and users to execute commands without a password prompt, which simplified batch tasks and system-wide administration.
- File transfers. The rcp utility, similar to scp, transfers files between systems. When .rhosts specifies a trusted relationship, file transfers occur without password requests. Although convenient, this practice lacks encryption and poses security concerns.
What Is a .rhosts File Example?
Here are three examples that illustrate the format of a typical .rhosts file:
- Basic host entry. trustedhost.example.com myfriend โ this entry grants the user myfriend on trustedhost.example.com password-free access to the local account.
- Wildcard for local username. anotherhost.example.com + โ the plus sign (โ+โ) indicates that any user on anotherhost.example.com can access the local account. This configuration often introduces severe security risks.
- IP address example. 192.168.1.10 username2 โ this entry grants username2 at the IP address 192.168.1.10 the ability to log in without supplying a password.
Some administrators add comments to .rhosts files to describe why a particular trust relationship exists or to note when it was created.
How to Create a .rhosts File?
A user or administrator can create a .rhosts file with any standard text editor. The following steps outline a typical approach:
- Go to the userโs home directory. Use a command like: cd ~.
- Open or create the .rhosts file. Examples include: vi .rhosts or nano .rhosts.
- Insert hostname-username entries. A sample line might read: host.example.com localusername. Place each remote-host and username pair on its own line.
- Save and exit. In vi, type :wq to save and quit. In nano, press Ctrl+O to save, then Ctrl+X to exit.
- Secure file permissions. Restrict permissions so only the file owner can read or modify it: chmod 600 .rhosts.
Where Is the .rhosts File Located?
The .rhosts file typically sits in the top level of a userโs home directory. For instance, an account named โaliceโ might have a .rhosts file at /home/alice/.rhosts.
On certain UNIX variations, home directories may follow different naming or structural conventions, but the file still appears at the same level as other user-specific configuration files in that accountโs home folder.
How to Search and Remove .rhosts File?
Since .rhosts poses security risks, administrators often want to locate any occurrence of it and remove or inspect it. The steps below outline a common process:
- Search the system. Use a command such as: find / -name .rhosts 2>/dev/null. The 2>/dev/null portion hides permission-denied errors.
- Verify the findings. Confirm whether each file you find actually functions as a .rhosts file rather than a file with a similar name in a different context.
- Remove or rename. If the file is unnecessary, remove it with this command: rm /home/username/.rhosts. Another option involves renaming it for archival purposes: mv /home/username/.rhosts /home/username/.rhosts.bak.
What Are the Security Risks of Using a .rhosts File?
Using .rhosts to manage trust relationships often jeopardizes security in modern computing environments. Here are the major risks:
- Unencrypted connections. The โr-commandsโ transmit data in plaintext. Attackers who sniff network traffic may intercept sensitive information.
- IP spoofing. Host-based authentication remains vulnerable to spoofing attacks. An adversary who mimics a trusted hostโs IP address can gain access without a password.
- User impersonation. If an attacker compromises a remote system or user with trust privileges in .rhosts, that attacker can log in to the local system without credentials.
- Overly broad permissions. Specifying โ+โ as a wildcard in .rhosts grants an entire remote host complete access. This approach becomes extremely risky if that remote host is compromised.
How to Manage .rhosts File Securely?
Some legacy systems still rely on .rhosts, so administrators must apply strict security measures:
- Use restrictive permissions. Limit file permissions to the owner. Here is a command that does so: chmod 600 .rhosts.
- Avoid wildcards. Refrain from using the โ+โ wildcard, which grants overly broad access. Instead, specify only essential host-user combinations.
- Perform routine audits. Monitor your environment for .rhosts files. Remove or correct any that do not serve a valid purpose.
- Transition to secure protocols. Replace r-commands with SSH-based solutions wherever possible. SSH provides encryption, key-based authentication, and other modern security features.
- Implement monitoring and logging. Use intrusion detection systems and thorough logging if you cannot remove .rhosts usage. Watch for suspicious behavior on trusted connections.
