login_auth man page on BSDOS

Man page or keyword search:  
man Server   6284 pages
apropos Keyword Search (all sections)
Output format
BSDOS logo
[printable version]

LOGIN_AUTH(8)		  BSD System Manager's Manual		 LOGIN_AUTH(8)

NAME
     login_auth - remote authentication service

SYNOPSIS
     login_auth [-d] [-s service] [-t tracefile] [-T tracefile] [-v
		name=value] name [class]

DESCRIPTION
     The login_auth program implements remote authentication (see
     login.conf(5)).  The authserver entry in the for the users class is used
     as the hostname of a machine running the authsrv(8) daemon.

     Available options are:

     -d	     Allow stand-alone debugging.

     -s	     Specify the service.  Currently only challenge, login, and
	     response are supported.

     -t	     Place a trace of all data sent and received as it appears on the
	     wire into the file tracefile. The data is displayed in hexadeci-
	     mal.

     -T	     Same as the -t flag except the clear text information is also re-
	     ported.  THIS WILL REPORT SENSITIVE INFORMATION, SUCH AS PASS-
	     WORDS, IN THE CLEAR AND SHOULD ONLY BE USED WHEN DIAGNOSING A
	     PROBLEM AND NEVER USED IN PRODUCTION.

     -v	     This option and its value are ignored.

     Before contacting the server, login_auth first searches the
     /etc/authsrv.keys directory for a file which matches the IP address of
     the server.  A file is deemed to match the IP address if one of the IP
     addresses associated with the name (as provided by gethostbyname(3))
     match the servers IP address.  The first match is used.  The file matched
     is expected to contain a single line of text which consists of a authen-
     tication mode followed by a single space and authentication mode specific
     data.  The supported authentication modes are:

     DES     Use DES to encrypt the data.  A new random session key is used
	     for each session, limiting the exposure of the long lived shared
	     secret key.

     MD5     Use MD5 to encrypt the data.  A new random noise vector is gener-
	     ated by each side for each session to confound analysis of multi-
	     ple sessions.

     It is expected that rather than requesting the auth style directly (in
     which case authsrv(8) uses a default style) that login_auth will be
     linked to the various mechanisms desired.	For instance, to have all
     CRYPTOCard and ActivCard authentication take place on a remote server via
     the remote authentication protocol, remove the login_activ and
     login_crypto modules and link login_auth to both of those names.  Now
     when the user requests one of those authentication styles, login_auth
     will automatically forward the request to the remote authsrv(8) and re-
     quest it do the requested style of authentication.

SEE ALSO
     auth(4),  login.conf(5),  auth-keyx(8),  authsrv(8),  login(8)

BSDI BSD/OS			 May 16, 1997				     1
[top]
                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 
More information is available in HTML format for server BSDOS

List of man pages available for BSDOS

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net