Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most
[dragonfly.git] / contrib / libpam / modules / pam_rhosts / README
CommitLineData
984263bc 1$FreeBSD: src/contrib/libpam/modules/pam_rhosts/README,v 1.3.2.2 2001/06/11 15:28:24 markm Exp $
1de703da 2$DragonFly: src/contrib/libpam/modules/pam_rhosts/Attic/README,v 1.2 2003/06/17 04:24:03 dillon Exp $
984263bc
MD
3arguments recognized:
4
5"no_hosts_equiv"
6"no_rhosts"
7"debug"
8"nowarn"
9"suppress"
10"promiscuous"
11
12.rhosts/hosts.equiv format:
13
14There are positive entries, when one is matched authentication
15succeeds and terminates. There are negative entries, when one is
16matched authentication fails and terminates. Thus order is
17significant.
18
19Entry hosts.equiv .rhosts
20<host> All users on <host> are ok Same username from <host> is ok
21<host> <user> <user> from <host> is ok ditto
22-<host> No users from <host> are ok ditto
23<host> -<user> <user> from <host> is not ok ditto
24
25<host> can be ip (IPv4) numbers.
26
27Netgroups may be used in either host or user fields, and then applies
28to all hosts, or users, in the netgroup. The syntax is
29
30 +@<ng>
31
32The entries
33
34 <host> +@<ng>
35 +@<ng> +@<ng>
36 +@<ng> <user>
37
38means exactly what you think it does. Negative entries are of the
39form
40
41 -@<ng>
42
43When the "promiscuous" option is given the special character + may be
44used as a wildcard in any field.
45
46 + Allow anyone from any host to connect. DANGEROUS.
47 + + Ditto.
48 + <user> Allow the user to connect from anywhere. DANGEROUS.
49 <host> + Allow any user from the host. Dangerous.
50
51These, perhaps more usefull, forms of the + form is also disallowed
52unless "promiscuous" is specified:
53
54 + -<user> Disallow the user from any host
55 + -@<ng> Disallow all members of the netgroup from any host
56
57When "promiscuous" is not specified a '+' is handled as a negative
58match.
59