[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: BSD Authentication, SKEY and telnetd/ftpd/anything(?) ..
Hiya Ben,
Thanks.
This is fine - BUT - it forces default (telnet) to use SKEY (which isn't
necessarily a bad thing); my point was the ftpd and telnetd will only
use the first specified mechanism ... which isn't necessarily what
people (me!) want?
I'd like to (as with the krb-or-pwd) to try mechanism X and then
mechanism Y. What is the point in allowing a list of mechanisms if only
the first is used?
-BK
-----Original Message-----
From: Ben Hooper [mailto:ben.hooper@diskcopy.com.au]
Sent: 08 February 2002 18:38
To: 'Benjamin Kelly'
Cc: misc@openbsd.org
Subject: RE: BSD Authentication, SKEY and telnetd/ftpd/anything(?) ..
<---snip--->
# Default authentication methods
auth-defaults:auth=skey,passwd,activ,crypto,snk,chpass,lchpass,token:
auth-ftp-defaults:auth-ftp=passwd,activ,crypto,snk,token:
auth-ssh-defaults:auth-ssh=passwd,activ,crypto,snk,chpass,lchpass,token:
default:\
:path=/usr/bin /bin /usr/sbin /sbin :\
:umask=022:\
:datasize-max=256M:\
:datasize-cur=64M:\
:maxproc-max=128:\
:maxproc-cur=64:\
:openfiles-cur=64:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:\
:tc=auth-ssh-defaults:
<---snip--->
Everything (default) uses s/key but ftp and ssh.
HTH.
Regards,
Ben.