readers.conf: problem with secure connection

Bill Tangren bjt at aa.usno.navy.mil
Tue Mar 22 13:09:08 UTC 2005


Jeffrey M.Vinocur wrote:
> On Mar 17, 2005, at 10:19 AM, Bill Tangren wrote:
> 
> 
>>It sounds like the identd is the problem, because I commented out the
>>ckpasswd line, and it still timed out. identd is not running, so I
>>downloaded it and installed it.
> 
> 
> Whoa, time out here.  I think you're taking enormous leaps at a time 
> and thereby making this much harder than it should be.
> 
> Do you -want- identd?  My understand of the configuration you're 
> looking for is:
> 
> (1) anyone inside the firewall can connect without password
> (2) anyone outside the firewall must authenticate against the system 
> passwd file
> 
> If so, you don't need identd.
> 
> The only thing you'd need identd for to be able to use, in (1), users' 
> account names (not just incoming IP addresses) for fine-grained access 
> control or logging.  That only works if identd is installed on the user 
> workstations, or if all users are logging into the news server itself 
> and running unix newsreaders (in which case identd on the server is 
> sufficient).
> 
> 

Yes, this is correct. I try to take enormous leaps so as to not appear 
stupid, only to find that I appear stupid anyway. Oh well. I am also 
trying to replace an aging server with a new one, and this is the last 
remaining stumbling block. [The old server was running inn 
2.3.something, and didn't have this secure connection feature, and thus 
no one who works here can access the news server from outside the firewall.]

Yes, (1) and (2) are exactly what I am trying to do. Right now, if I try 
to connect using port 563, the connection times out. I can't figure out 
what is causing it. I have yet to find any log which will tell me. Both 
telnet and ssh, when used on the same machine, time out when trying to 
access that port.

Any ideas?

Bill Tangren



More information about the inn-workers mailing list