readers.conf: problem with secure connection

Jeffrey M.Vinocur jeff at litech.org
Thu Mar 17 12:17:37 UTC 2005


On Mar 16, 2005, at 12:27 PM, Bill Tangren wrote:

> I want to be able to allow *only* those who have accounts on this 
> server
> to be able to access these newsgroups from outside the firewall. [...]
>
> The server, before I started piddling with auth commands, allowed 
> anyone
> to make a secure connection. Now that I am trying to add 
> authentication,
> all I get is a wait cursor when I use a newsgroup reader for access.
>
> This is an example of what I've tried in my readers.conf:
>
> auth "identified" {
>      auth: "ckpasswd -f /etc/passwd"
>      res: "ident"
>      default: <FAIL>
> }

Do you use identd?  The delay that you're describing sounds like it 
could be ident waiting for a timeout to occur.  If you want to use 
ident but only inside the firewall, I'd recommend two auth blocks with 
hosts: restrictions to keep you from trying to ident-query people's 
home machines.

Also, you shouldn't use -f with ckpasswd, really.  If you want to check 
the system database and it doesn't use shadowed passwords, just use 
"ckpasswd"; if it does, use "ckpasswd -s".

I can provide examples once we flush this out a little better.


-- 
Jeffrey M. Vinocur
jeff at litech.org



More information about the inn-workers mailing list