← Rules Catalog
criticalsystemverified

Ensure no .shosts files exist in user home directories

shosts-user-files-absent · RHEL ≥ 8 · 1 impl

Description

Per-user .shosts files grant trusted access to remote hosts without password authentication. These files must not exist in any user's home directory.

Rationale

User .shosts files allow remote rsh/rlogin access without authentication from trusted hosts. An attacker controlling a trusted host can gain access to local accounts. All .shosts files must be removed.

Check → Remediate

Checkcommand
find / -name .shosts 2>/dev/null | head -1
Remediatecommand_exec
find / -name .shosts 2>/dev/null -exec rm -f {} +

Framework references

STIG

V-281272 / RHEL-10-700690V-257956 / RHEL-09-252075V-230284

NIST 800-53

AC-17IA-2

Live verification

rhel8:check
#authentication#rsh#trust#attack-surface