A file in a home directory containing usernames and hosts from which authorized users can connect without typing a password.

Plus signs indicate that anyone can connect, or that any host can connect if in the second field.

"+ +" means that anyone can login using rlogin, rsh, rcp, or rexec without typing a password. Many cracking program attempt to overwrite the root account's .rhosts file with "+ +". To some extent, this can be overcome by making .rhosts a directory owned by root. In that case the cracker can try overwriting /etc/hosts.equiv or /etc/passwd or any other number of files.

Log in or register to write something here or to contact authors.