Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 13 Jul 1996 23:59:36 -0700
From:      Sean Eric Fagan <sef@kithrup.com>
To:        hackers@freebsd.org
Subject:   "login classes"
Message-ID:  <199607140659.XAA02107@kithrup.com>

next in thread | raw e-mail | index | archive | help
Well, I was a Busy Boy today.  While doing some other task%, I decided to
start implementing login classes for FreeBSD.

They are heavily modeled after the BSD/OS versions, of course, since that's
the only implementation I know of ;).

I've been poring over BSD/OS header files and man pages for a couple of
weeks now, and, since I had a bunch of idle time today while waiting for my
other task% to complete, I went for it.

I implemented, as far as I can tell, the library side of the BSD/OS login
class stuff.  My test program -- which doesn't *do* anything useful,
admittedly -- does seem to work.

There are three sides to the login classes -- the library functions,
modified utilities, and some new utilities to provide authentication.  I
don't know that I can do the login et al modifications, and I *know* I don't
know about about kerberos and S/Key to write that.

(Basicly, the reason I want this is because I want to be able to use S/Key.
However, I don't like having a seperate account name for that.  The login
classes allow you to specify something like, "sef:skey" at the login:
prompt, and login will then use S/Key instead of the default mechanism.  It
also removes all password and/or authentication from the login program
proper, relying on /usr/libexec/auth_* -- e.g., /usr/libexec/auth_passwd and
/usr/libexec/auth_skey.)

So... who knows login and related commands, and who knows kerberos, password
authentication, and S/Key? ;)

Sean.
----
% I would say what this task was, but the *last* time I mentioned it on the
list, I got yelled at for several weeks for offending people's
sensibilities. ;)
----




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199607140659.XAA02107>