readers.conf: problem with secure connection
Bill Tangren
bjt at aa.usno.navy.mil
Wed Mar 16 20:09:53 UTC 2005
Bill Tangren wrote:
> Hello all:
>
> I have inn 2.4.1 running on my server (which is behind a firewall). I am
> attempted to setup secure connections through the firewall. This is what
> I want to do: The newsgroups I have are all local and private. I have no
> external feeds.
>
> I want to be able to allow *only* those who have accounts on this server
> to be able to access these newsgroups from outside the firewall.
>
> I want to be able to use the user's system username/password for
> authentication, so that the user doesn't have to keep (i.e. remember)
> and maintain an additional password.
>
> Right now, I am testing the system behind the firewall by setting up a
> test user on another computer and trying to get the inn server to prompt
> for the username/password,and to check the /etc/passwd file for validation.
>
> The server, before I started piddling with auth commands, allowed anyone
> to make a secure connection. Now that I am trying to add authentication,
> all I get is a wait cursor when I use a newsgroup reader for access.
>
> This is an example of what I've tried in my readers.conf:
>
> auth "identified" {
> auth: "ckpasswd -f /etc/passwd"
> res: "ident"
> default: <FAIL>
> }
>
> What I would like to know is, is what I am trying to do possible?
>
> Searching through your archives has turned up a few examples (what you
> see above is one of them), but nothing like what I am trying to do.
> Could someone point me to a URL with an explanation, or better yet,
> examples?
>
> TIA,
>
> Bill Tangren
>
I decided to try using telnet to connect to this server. I find that neither
telnet news.server.com 563
nor
ssh -p 563 news.server.com
work. Both time out. So, the problem I seem to be having is that the
xinetd.d service, given by
service nntps
{
socket_type = stream
protocol = tcp
wait = no
user = news
disable = no
server = /news/bin/nnrpd
server_args = -S
}
is not working. I don't understand this, because I am able to use a news
reader (thunderbird) to obtain a listing of newsgroups, and to subscribe
to some of them, when I access the news server through port 563. It is
when I try to download messages from those groups that the newsreader
hangs.
I don't know were error messages (if any) are going, so I'm stuck trying
to debug this.
Any suggestions?
Bill Tangren
More information about the inn-workers
mailing list