Authentication of readers
Russ Allbery
rra at stanford.edu
Sat Jun 24 01:47:26 UTC 2000
Sorry about the delay in responding.
Julien Lajeunesse <julien.lajeunesse at hermes.usherb.ca> writes:
> I want to set up some kind of authentication mecanism so only people who
> have an account can access the newsserver. I did this with
> /etc/news/nnrp.access, in which I listed every users I wanted to be able
> to access the news server with a password, like this:
> *:RP:username1:password:local.dev.*
> *:RP:username2:password:local.management.*
> etc.
[...]
> Now, I read in the nnrp.access manpage that if I put a + instead of the
> password, the password will be passed to crypt and then matched against
> the /etc/passwd file or whatever file is used to authenticate users on
> my system.
You don't put + in the password field; you put it in the user field. Note
that the man page says the third field, and the fields are:
host:permissions:user:password:groups
Unfortunately, the INN 2.2 source doesn't have a way of saying to check
the system password file for some users and not for others, at least that
I'm aware of.
Note that if you use this on a system with shadow passwords, nnrpd has to
be able to read /etc/shadow, which can be quite problematic (since
normally only root can read it). This can be a bit tricky to set up.
INN 2.3 will have a completely different user authentication mechanism.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the inn-workers
mailing list