[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    "login classes"
From:       Sean Eric Fagan <sef () kithrup ! com>
Date:       1996-07-14 6:59:36
[Download RAW message or body]

Well, I was a Busy Boy today.  While doing some other task%, I decided to
start implementing login classes for FreeBSD.

They are heavily modeled after the BSD/OS versions, of course, since that's
the only implementation I know of ;).

I've been poring over BSD/OS header files and man pages for a couple of
weeks now, and, since I had a bunch of idle time today while waiting for my
other task% to complete, I went for it.

I implemented, as far as I can tell, the library side of the BSD/OS login
class stuff.  My test program -- which doesn't *do* anything useful,
admittedly -- does seem to work.

There are three sides to the login classes -- the library functions,
modified utilities, and some new utilities to provide authentication.  I
don't know that I can do the login et al modifications, and I *know* I don't
know about about kerberos and S/Key to write that.

(Basicly, the reason I want this is because I want to be able to use S/Key.
However, I don't like having a seperate account name for that.  The login
classes allow you to specify something like, "sef:skey" at the login:
prompt, and login will then use S/Key instead of the default mechanism.  It
also removes all password and/or authentication from the login program
proper, relying on /usr/libexec/auth_* -- e.g., /usr/libexec/auth_passwd and
/usr/libexec/auth_skey.)

So... who knows login and related commands, and who knows kerberos, password
authentication, and S/Key? ;)

Sean.
----
% I would say what this task was, but the *last* time I mentioned it on the
list, I got yelled at for several weeks for offending people's
sensibilities. ;)
----

[prev in list] [next in list] [prev in thread] [next in thread]