readers.conf: problem with secure connection
Bill Tangren
bjt at aa.usno.navy.mil
Tue Mar 22 13:09:08 UTC 2005
Jeffrey M.Vinocur wrote:
> On Mar 17, 2005, at 10:19 AM, Bill Tangren wrote:
>
>
>>It sounds like the identd is the problem, because I commented out the
>>ckpasswd line, and it still timed out. identd is not running, so I
>>downloaded it and installed it.
>
>
> Whoa, time out here. I think you're taking enormous leaps at a time
> and thereby making this much harder than it should be.
>
> Do you -want- identd? My understand of the configuration you're
> looking for is:
>
> (1) anyone inside the firewall can connect without password
> (2) anyone outside the firewall must authenticate against the system
> passwd file
>
> If so, you don't need identd.
>
> The only thing you'd need identd for to be able to use, in (1), users'
> account names (not just incoming IP addresses) for fine-grained access
> control or logging. That only works if identd is installed on the user
> workstations, or if all users are logging into the news server itself
> and running unix newsreaders (in which case identd on the server is
> sufficient).
>
>
Yes, this is correct. I try to take enormous leaps so as to not appear
stupid, only to find that I appear stupid anyway. Oh well. I am also
trying to replace an aging server with a new one, and this is the last
remaining stumbling block. [The old server was running inn
2.3.something, and didn't have this secure connection feature, and thus
no one who works here can access the news server from outside the firewall.]
Yes, (1) and (2) are exactly what I am trying to do. Right now, if I try
to connect using port 563, the connection times out. I can't figure out
what is causing it. I have yet to find any log which will tell me. Both
telnet and ssh, when used on the same machine, time out when trying to
access that port.
Any ideas?
Bill Tangren
More information about the inn-workers
mailing list