This has an obvious advantage (apart from saving typing): your password does not have to travel across the network. On the other hand, it does mean that if your account on the other machine is compromised, it's trivial to get access to your accounts on other machines. Think carefully about which machines you put in your .rhosts file.
.rhosts is not suitable for allowing access to machines which are not handling IP 24 hours a day. (If your machine is switched off, it's much easier to take over its IP address and spoof the trusted machine.) The secure shell, ssh, has a replacement for the r-utilities (rcp, rlogin, rsh) which doesn't suffer from this problem.
Unix provides a command called rlogin for easy login to remote machines. Here is a simple example of its use:

    gryphon$ rlogin hammer.thor
    Password:
    Last login: Mon Oct 11 13:10:02 from gryphon.csi.cam.ac.uk
    Solaris Release 2.5 [hammer]
    Linux Redhat Release 4.2 [gloves,belt]
    (Thor)
    hammer$

By default, rlogin will connect me to the remote machine with an account name the same as my name on the local machine (rjd4 in this case). Note that my Thor password was required.
It is possible to make my account on hammer "trust" my account on gryphon. To do this, I create a file, .rhosts, in my home directory on hammer containing all the machines on which it is to trust my account. If I rlogin from one of these machines to hammer I will not be asked for a password. This file must be readable only by the user.
Suppose I have the following .rhosts file on hammer.

    hammer$ cat .rhosts
    gryphon.csi.cam.ac.uk
    oneeye.csi.cam.ac.uk

If I rlogin from gryphon or oneeye I will not be prompted for my password.

    gryphon$ rlogin hammer.thor
    Last login: Mon Oct 11 13:10:02 from gryphon.csi.cam.ac.uk
    Solaris Release 2.5 [hammer]
    Linux Redhat Release 4.2 [gloves,belt]
    (Thor)
    hammer$
Never put a "+" in a .rhosts file; it means "every machine".
Suppose I have an account on gryphon called "bob" and an account "rjd4" on hammer. On gryphon I issue the command

    gryphon$ rlogin -l rjd4 hammer.thor.cam.ac.uk

and my (rjd4's) .rhosts file on hammer contains the line

    gryphon.csi.cam.ac.uk bob

and then the "trust" still works.
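An added example, not part of the original page: a POSIX shell function that audits a .rhosts file against the points above (readable only by the user, no "+" entries) and lists the host and account pairs it trusts. The function name audit_rhosts and its output labels are this example's own.

```shell
#!/bin/sh
# audit_rhosts FILE
# Prints one line per finding or trust entry.
# Returns 0 if the file is clean, 1 if anything was flagged, 2 if unreadable.
# Usage: audit_rhosts "$HOME/.rhosts"
audit_rhosts() {
    file=$1
    findings=0

    if [ ! -f "$file" ]; then
        echo "ERROR: $file is not a regular file"
        return 2
    fi

    # The file must be readable only by the user: characters 5-10 of the
    # ls mode string are the group and other permission bits.
    perms=$(ls -ldL "$file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "PERMS: group/other bits set ($perms); fix with: chmod 600 $file"
        findings=1
    fi

    lineno=0
    # "|| [ -n "$host" ]" keeps a final line that lacks a trailing newline.
    while read -r host user extra || [ -n "$host" ]; do
        lineno=$((lineno + 1))
        case $host in
            ''|'#'*) continue ;;    # skip blank lines and comments
        esac
        # "+" as the host means "every machine"; "+" in the account
        # field is the matching wildcard for account names.
        if [ "$host" = "+" ] || [ "$user" = "+" ]; then
            echo "WILDCARD: line $lineno: $host $user"
            findings=1
        else
            echo "TRUSTS: line $lineno: host=$host user=${user:-<same name>}"
        fi
    done < "$file"

    return "$findings"
}
```
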
It is also possible to submit single instructions to a remote machine rather than logging in, issuing the instruction and logging out again. This is done with the rsh command.

For this command to work, the account on the remote machine must trust the account on the local machine. There is no opportunity to enter a password.

Consider the following example.

    gryphon$ rsh hammer.thor.cam.ac.uk ls -l | wc -l
    21
    gryphon$
The rsh causes a shell to be started on hammer. This shell runs ls -l and its standard output is piped back over the network into the standard input of wc -l which is run locally.

If the account names differ on the two systems then the -l syntax must be used again.

    gryphon$ rsh -l rjd4 hammer.thor.cam.ac.uk uname -n
    hammer.thor.cam.ac.uk
There is an important point that must be noted about the remote shell started by rsh: it is not a login shell. The .profile or .bash_profile files are not sourced so any configuration they do will not be done for this shell. What happens instead depends crucially on the shell. Under bash the .bashrc file is read instead.
To copy files from one machine to another, the rcp command is provided. This has an identical syntax to cp but filenames can be preceded by "machine:".

    gryphon$ rcp hammer.thor:trial.pl test.pl
    gryphon$ rcp Unix.tex gloves.thor:~/unix/source.tex
If the account names differ then the filenames are further extended. (NB The -l is not used.)

    gryphon$ rcp rjd4@hammer.thor:trial.pl test.pl
As with rsh, the .rhosts file must be set up on the remote machine to trust the local machine for rcp to work.