Dialup Passwords (was Re: Login passwords: not as selective ...)
Lenny Tropiano
lenny at icus.islp.ny.us
Mon Feb 27 11:19:56 AEST 1989
In article <563 at kosman.UUCP> kevin at kosman.UUCP (Kevin O'Gorman) writes:
|>I was just fiddling around with the login password stuff that was posted
|>a while ago. It worked as advertised, at least as far as what it did
|>to /etc/dialups and /etc/d_passwd. However, the underlying behaviour of
|>/etc/login seems at odds with what I thought it was supposed to be.
|>
|>I thought that ONLY the shells named in /etc/d_passwd would get prompted
|>for a password. This is not the case on my machine: anyone logging in
|>on a line listed in /etc/dialups seems to have to go through this.
|>
...
Well actually for some reason, I thought that was the way. I've noticed
it's not, at least not on the UNIX pc. I haven't had a chance to try it
on the 3B2 or 6386WGS in the office, but I seem to remember if the shell
was not listed in the /etc/d_passwd, it wouldn't ask for "Dialup Password:".
Since I was the one who posted the dpasswd program, I did some investigating
of my own. I don't use dialup passwords here locally, it's something I
really don't need the extra security. Only "trusted" users really get
access to my UNIX PC, and only a *select few* have shell access in my
non-restrictive filesystem. I do have a "restrictive filesystem setup" for
those who _needed_ access. Basically a "chroot(1M)'d filesystem"...
It seems to get Dialup Passwords to work correctly, at least on the UNIX PC,
you need to specify *ALL* shells that you have in /etc/passwd, in
/etc/d_passwd, but you don't need to have a password on the line. This
can be done by editting /etc/d_passwd, and placing a line like:
/usr/lib/uucp/uucico::
This will allow all uucico transactions to login without a dialup password,
or you can use dpasswd [posted back a month or two by me] like:
# dpasswd -v -p /usr/lib/uucp/uucico
New Dialup Password: <CR>
Retype Dialup Password: <CR>
dpasswd: Dialup program restriction added for /usr/lib/uucp/uucico.
# cat /etc/d_passwd
/usr/lib/uucp/uucico::
|>This is not good. All my uucp hookups use a shell called
|>/usr/lib/uucp/uucicoTZ (not a script, but a short compiled front end).
|>These were getting the Dialup Password: prompt. Not what I had in mind.
|>
...
In this case the shell would be /usr/lib/uucp/uucicoTZ.
Sorry for any confusion ... Hope this helps ...
-Lenny
--
Lenny Tropiano ICUS Software Systems [w] +1 (516) 582-5525
lenny at icus.islp.ny.us Telex; 154232428 ICUS [h] +1 (516) 968-8576
{talcott,decuac,boulder,hombre,pacbell,sbcs}!icus!lenny attmail!icus!lenny
ICUS Software Systems -- PO Box 1; Islip Terrace, NY 11752
More information about the Unix-pc.general
mailing list