Adam Shostack allegedly wrote:
>
> Does anyone have/know of an authserv capable version of login or ftpd?
> I'd love a copy of logdaemon that called authserv, if one exists..
>
> Adam
I use Wietse Venema's "logdaemon" package, which supplies a
login and ftp program that supports EITHER skey or (with Bill
LeFebvre's mods) a digital pathways SNK. The login part works
just fine with SunOS. I don't use the ftp daemon, as I use a
kerberized ftp for user logins.
A nice feature is that you can spit a file out BEFORE the person
logs in, which is nice for legal notices (before someone logs
in, you can say "warning, this system is for authorized users
only. If you are bad, we will beat you with stun guns" or
whatever your lawyers' take is).
I was just now perusing the code to see where to add hooks for
the TIS fwtk authserv for it when this note came in. At first
pass, it doesn't seem too complex, but you never know; I haven't
ported anything to the authsrv for a while. Perhaps Mr. Ranum
has spare time? (ha ha ha!!)
The Logdaemon package works as is for me, on one machine. I was
looking to change it so that one place could act as an auth
server for multiple machine, for folks without kerberos
capabilities. This is a good staring point for patches,
however. It would seem that Mr. Venema might embrace a patch for
this.
logdaemon-5.3.tar.gz is available from the usual security
sources (COAST, etc)
chuck
References:
|
|
