Trying to do authentication with htpasswd file
Lisa Ungar
lungar at us.ibm.com
Thu Mar 31 19:34:45 UTC 2005
Hi,
I did some testing and decided to set this up on a 2.4.1 INN machine to
rule out earlier version problems.
There is no space in the password itself.
At first the news reader client (Mozilla 1.7 on AIX) just displays a
blank screen with no newsgroups. It didn't prompt me to login when I
requested newsgroups.
Next, I setup in news reader client properties to force authentication
every time it connects.
The news.notice file now says:
Mar 31 14:17:45 w3forums1b nnrpd[28624]: techstudy.watson.ibm.com
(9.2.168.142)
connect
Mar 31 14:17:59 w3forums1b nnrpd[28624]: techstudy.watson.ibm.com bad_hook
program caught signal 15
Mar 31 14:17:59 w3forums1b nnrpd[28624]: techstudy.watson.ibm.com bad_auth
Mar 31 14:17:59 w3forums1b nnrpd[28624]: techstudy.watson.ibm.com times
user 0.0
10 system 0.000 idle 0.005 elapsed 13.748
Mar 31 14:17:59 w3forums1b nnrpd[28624]: techstudy.watson.ibm.com time
13750 idl
e 13730(3) nntpwrite 0(7)
Any ideas?
Thanks,
Lisa
"Jeffrey M.Vinocur" <jeff at litech.org>
Sent by: inn-workers-bounce at isc.org
03/25/2005 09:04 PM
To
"'inn-workers at isc.org' (E-mail)" <inn-workers at isc.org>
cc
Subject
Re: Trying to do authentication with htpasswd file
On Mar 25, 2005, at 2:38 PM, Lisa Ungar wrote:
> auth "forumslogin" {
> hosts: "techstudy.watson.ibm.com"
> auth: "/usr/local/news/bin/auth/passwd/ckpasswd -f
> /usr/local/news/w3appusers"
> default: "<FAIL>"
> }
(You don't need the full path to ckpasswd, by the way.)
> The ckpasswd command works when I do the echo test,
By this you mean manually generating ClientAuthname/ClientPassword as
input? If so, then there's nothing wrong with your password file
"w3appusers" itself or the way you generate it -- presumably htpasswd
generates crypted (and not MD5) passwords by default on your system.
(For future reference, recent versions of ckpasswd have -u and -p flags
that make testing much easier.)
> [...] from my News client it says bad_auth inside my news.notice file.
No other details in news.notice...hmm...does your password have a space
in it, by any chance?
> Should I add the res: ident information to the readers.conf stanzas?
Definitely not. That should only be used by people who already have
identd widely implemented on their networks -- if your users are
connecting from unix machines that are centrally administered, you
might fall in this category, but you'd want to talk to the people who
manage your user database / remote authentication stuff to find out if
identd is available to you.
--
Jeffrey M. Vinocur
jeff at litech.org
More information about the inn-workers
mailing list