Authentication of readers

Russ Allbery rra at
Sat Jun 24 01:47:26 UTC 2000

Sorry about the delay in responding.

Julien Lajeunesse <julien.lajeunesse at> writes:

> I want to set up some kind of authentication mecanism so only people who
> have an account can access the newsserver. I did this with
> /etc/news/nnrp.access, in which I listed every users I wanted to be able
> to access the news server with a password, like this:

> **
> **
> etc.


> Now, I read in the nnrp.access manpage that if I put a + instead of the
> password, the password will be passed to crypt and then matched against
> the /etc/passwd file or whatever file is used to authenticate users on
> my system.

You don't put + in the password field; you put it in the user field.  Note
that the man page says the third field, and the fields are:


Unfortunately, the INN 2.2 source doesn't have a way of saying to check
the system password file for some users and not for others, at least that
I'm aware of.

Note that if you use this on a system with shadow passwords, nnrpd has to
be able to read /etc/shadow, which can be quite problematic (since
normally only root can read it).  This can be a bit tricky to set up.

INN 2.3 will have a completely different user authentication mechanism.

Russ Allbery (rra at             <>

More information about the inn-workers mailing list