NFS Services Administrator's Guide
Configuring and Administering NFS
Configuring and Using NFS Netgroups
Chapter 2 129
Using Netgroups in the /etc/hosts.equiv or $HOME/.rhosts File
In the /etc/hosts.equiv file, or in a .rhosts file in a user’s home
directory, netgroups can be used in either the host name field or the user
name field, as in the following example:
+@our_friends +@our_friends
The netgroup our_friends can be used as both the host name and the
user name, because it includes both host names and user names, as
follows:
our_friends (sage,sara, ), (sage,eric, ), (dill,-, ), (
,monica, )
The blank host name field in the fourth triple serves as a wildcard,
allowing users from any host on the network to log in without supplying
a password. However, only the users listed in the netgroup are given this
privileged access, because each user name field contains either a user
name or a dash.
Netgroups can also be used to deny privileged access to certain hosts or
users in the /etc/hosts.equiv or $HOME/.rhosts file, as in the
following example:
+ -@vandals
The plus sign (+) is a wildcard in the /etc/hosts.equiv or
$HOME/.rhosts file syntax, allowing privileged access from any host in
the network. The netgroup vandals is defined as follows:
vandals ( ,pat, ), ( ,harriet, ), ( ,reed, )
All users except those listed in the vandals netgroup can log into the
local system without supplying a password from any system in the
network.
CAUTION Any users who are denied privileged access in the /etc/hosts.equiv
file can still be allowed privileged access in a user’s $HOME/.rhosts file.
The $HOME/.rhosts file is read after the /etc/hosts.equiv file and
overrides it.
For more information, type man 4 hosts.equiv at the HP-UX prompt.