---
title: Verify No .rhost Files Exist
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > Datadog Security > OOTB Rules > Verify No .rhost Files Exist
---

# Verify No .rhost Files Exist
 
## Description{% #description %}

Local system users should not have a `.rhost` file in their home directory.

## Rationale{% #rationale %}

User configuration files with excessive or incorrect access may enable malicious users to steal or modify other users' data or to gain another user's system privileges. The `.rhost` file provides the "remote authentication" database for the rcp, rlogin, and rsh commands and the rcmd() function. These files bypass the standard password-based user authentication mechanism. They specify remote hosts and users that are considered trusted (i.e. are allowed to access the local system without supplying a password).

## Warning{% #warning %}

Automatic remediation of this rule is not available due to the unique requirements of each system. Any .rhost files should be investigated and removed manually.