2 passwd system

Richard Meesters ram at attcan.UUCP
Thu Jul 12 13:08:05 AEST 1990 

In article <13152 at cbmvax.commodore.com>, ag at cbmvax.commodore.com (Keith Gabryelski) writes:
| In article <3502 at sactoh0.UUCP> jak at sactoh0.UUCP (Jay A. Konigsberg) writes:
| >In article <201 at adam.adelaide.edu.au> mferrare at adelphi.ua.oz.au.oz.au
| (Mark Ferraretto) writes:
| >>I want to set up my login procedure to make users use two passwords
| >>to login instead of one.
| >>
| >>The problem I have is if I rewrite /bin/login how to I get getty to
| >>recognise my login procedure instead of /bin/login apart from
| >>overwriting it (I don't have sources)?  Is rewriting /bin/login the
| >>best way to go about this?
| >
| >A simple solution, if /etc/profile is executed, is to put a second
| >login as the first command in /etc/profile.
| 
| A user could hit the interrupt key before the first line in /etc/profile
| is executed and thus bypass your second attempt at security.
| 
| A better way would be to replace the login shell of the user with your
| own program that does The Right Thing.


I think though, if you set a trap in your .profile, you can keep people from
bypassing the second login.

If you're running System V UNIX, a simpler solution exists.  You can create 
a dialup password.  I'm not sure of exactly which versions and flavours of
*NIX this will work on (The docs are at work, and it's too late to go and get
them), but if you want an explanation, drop me an e-mail and I'll see what I 
can dig up.

Incidentally, I'm running with this particular option on my 3B2 and it works 
fairly well.  Normal login proceedure is to enter username password and then
the dialup password.  The dialup password is only set to work on specific 
ports, and with specific programs (eg login but not uucico).

Regards,

------------------------------------------------------------------------------
     Richard A Meesters                |
     Technical Support Specialist      |     Insert std.logo here
     AT&T Canada                       |
                                       |     "Waste is a terrible thing
     ATTMAIL: ....attmail!rmeesters    |      to mind...clean up your act"
     UUCP:  ...att!attcan!ram          |
------------------------------------------------------------------------------

More information about the Comp.unix.questions mailing list