Authentication of readers

Russ Allbery rra at stanford.edu
Sat Jun 24 01:47:26 UTC 2000


Sorry about the delay in responding.

Julien Lajeunesse <julien.lajeunesse at hermes.usherb.ca> writes:

> I want to set up some kind of authentication mecanism so only people who
> have an account can access the newsserver. I did this with
> /etc/news/nnrp.access, in which I listed every users I wanted to be able
> to access the news server with a password, like this:

> *:RP:username1:password:local.dev.*
> *:RP:username2:password:local.management.*
> etc.

[...]

> Now, I read in the nnrp.access manpage that if I put a + instead of the
> password, the password will be passed to crypt and then matched against
> the /etc/passwd file or whatever file is used to authenticate users on
> my system.

You don't put + in the password field; you put it in the user field.  Note
that the man page says the third field, and the fields are:

    host:permissions:user:password:groups

Unfortunately, the INN 2.2 source doesn't have a way of saying to check
the system password file for some users and not for others, at least that
I'm aware of.

Note that if you use this on a system with shadow passwords, nnrpd has to
be able to read /etc/shadow, which can be quite problematic (since
normally only root can read it).  This can be a bit tricky to set up.

INN 2.3 will have a completely different user authentication mechanism.

-- 
Russ Allbery (rra at stanford.edu)             <http://www.eyrie.org/~eagle/>



More information about the inn-workers mailing list