Setting remote access for a user
Remote access allows a user to log into another machine (where they have
an identical account) without entering a password. This is also known as
``user equivalence''.
When remote access is configured, the local system recognizes the
equivalence between the two accounts.
This means remote access has two requirements:
-
the same account must exist on the local and remote systems
-
the account on the local system must have remote access
configured (as described here)
NOTE:
Remote access does not create an account on the remote system -
you must do this yourself.
In the
Account Manager,
select a user name, then select
Users Remote Access.
Click on the Remote Access button.
-
To configure access, select an entry in the
``Other Hosts''
column and click on the Add button.
-
To remove access, select an entry
in the ``Current Hosts''
column and click on the Remove button.
-
You can search for a specified host by entering the name in the
``Search for:'' field.
NOTE:
To set up administrative remote access for system owners, see
``Using the SCOadmin Setup Wizard''.
About user equivalence
User equivalence allows a user to use
rlogin(1tcp)
to log in to an equivalent account on another host without entering
a password. SCOadmin managers require this equivalence to allow
you to manage other systems over the network using the
Open Host selection. You can
establish user equivalence between:
-
individual remote/local account pairs by using the
Accounts Manager
to alter a user's $HOME/.rhosts file to add the
remote host and account
-
a remote account and all local accounts except root (and
other non-individual accounts such as bin), by
editing /etc/hosts.equiv to add the remote host and account
-
all accounts on a remote host and all local accounts except
root (and other non-individual accounts)
by editing /etc/hosts.equiv to add only the remote host name
NOTE:
Entries in /etc/hosts.equiv can create large holes in system
security. Be sparing in their use. In most circumstances,
it is unwise to create entries that allow all users on remote
hosts to access all accounts on your local host.
Configuring the files manually allows you to set equivalence between
accounts with different logins. The simplest option is to use
accounts with the same name as described in
``Setting remote access for a user''.
If there are entries in both .rhosts and /etc/hosts.equiv
for the same host or host/account combination,
the entry from /etc/hosts.equiv
determines the extent of user equivalence. For more information, see
rhosts(4tcp).
Next topic:
Changing user login shells
Previous topic:
Changing a user's locale
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004