Trusted hosts/users (UNIX)

Module: Network Integrity

This check reports hosts and users that are trusted to access the agent system without supplying passwords through remote shell and remote login commands. You can use the name list to exclude all instances of either individual hosts or individual users from the check. You can also use the name list to exclude specific combinations of hosts and users from the check. The proper syntax for a host user entry in the exclude list is the host name followed by a space, then the user name.

The following table lists the error messages for the check.

Table: Error messages for Trusted hosts/users

Message String ID and Category

Platform and Message Numeric ID

Message Title and Description

Additional Information

String ID: STKU_ALLIN

Category: Change Notification

UNIX (6347)

Title: All users on all hosts are trusted

Description:The hosts.equiv file specifies that all users on all hosts are trusted. This is a security problem because any remote user with an account name that matches an account on your system (except root) can access your system. Access can be achieved using remote shell and remote login commands without even specifying a password. You should not allow trusted users to access your system.

Severity: red-4

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_ALLUSER

Category: Change Notification

UNIX (6348)

Title: User is trusted from any host

Description:The hosts.equiv file specifies that the users listed below are trusted from any host. This is a security problem because any of these users that have an account name that matches an account on your system (except root) can access your system. Access can be achieved using remote shell and remote login commands without even specifying a password. You should not allow trusted users to access your system.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_CLUSTERIN

Category: Change Notification

UNIX (6349)

Title: All hosts in your cluster are trusted

Description:The hosts.equiv file specifies that all hosts in your HP-UX cluster are trusted. Any user in the cluster can access your system using remote shell and remote login commands without specifying a password. You should not allow trusted hosts to access your system.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_HOSTIN

Category: Change Notification

UNIX (6350)

Title: All users on host are trusted

Description:The hosts.equiv file specifies that all users on the hosts listed below are trusted. Any user on these hosts (except root) can access your system. Access can be achieved using remote shell and remote login commands without even specifying a password. You should not allow trusted users to access your system.

Severity: yellow-1

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_HOSTOUT

Category: Change Notification

UNIX (6351)

Title: Host is not trusted

Description:The hosts.equiv file specifies that users on the listed hosts are not trusted. These users must specify a password before they can access your system using remote login. They cannot use remote shell. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_GROUPIN

Category: Change Notification

UNIX (6352)

Title: Network group on host is trusted

Description:The hosts.equiv file specifies that all users in the listed network groups on listed hosts are trusted. Any user in these network groups (except root) can access your system. Access can be achieved using remote shell and remote login commands without even specifying a password. You should not allow trusted users to access your system.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_GROUPOUT

Category: Change Notification

UNIX (6353)

Title: Network group on host is not trusted

Description:The hosts.equiv file specifies that all users in the listed network groups on listed hosts are not trusted. These users must specify a password before they can access your system using remote login. They cannot use remote shell. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_USERIN

Category: Change Notification

UNIX (6354)

Title: User on host is trusted

Description:The hosts.equiv file specifies that the listed users on the listed hosts are trusted. Any of these users (except root) can access your system. Access can be achieved using remote shell and remote login commands without even specifying a password. You should not allow trusted users to access your system.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]

String ID: STKU_USEROUT

Category: Change Notification

UNIX (6355)

Title: User on host is not trusted

Description:The hosts.equiv file specifies that the listed users on the listed hosts are not trusted. These users must specify a password before they can access your system using remote login. They cannot use remote shell. This message provides information but does not require any security action on your part.

Severity: green-0

Correctable: false

Snapshot Updatable: false

Template Updatable: false

Information Field Format: [%s]