Re: login program
Hello!
Em Qua 11 Jul 2001 02:16, você escreveu:
| On Wed, Jul 11, 2001 at 02:08:00AM -0300, Pablo Lorenzzoni wrote:
| > Hello!
| >
| > I am thinking about compiling and packaging a diversion of the
| > login program with support for the "otpw" One Time Password
| > approach [1]. My primary intent is to compile a login program
| > that authenticate *only* OTPs. This is to be used, mainly, with
| > mgetty, but also to be used in place of the regular login program
| > if only OTPs are required. Since otpw doesn't use PAM, or shadow
| > passwords (it uses a dotfile under user's home directory), their
| > support won't be needed. My question is: will this cause any
| > trouble? Of course it will not be the default diversion!!! That
| > is fullfiled by login package already. My intent is to create an
| > alternative which I believe to be useful for that ones who need
| > just OTPs as well as for that ones who want to use OTPs for
| > something particular and the regular login for everything else
| > (e.g mgetty).
|
| One suggestion, why not install a /bin/login-otpw, and have people
| modify /etc/inittab to use it, instead of using a diversion?
That will be my first attempt. Actually, I am thinking of compiling
a login-otpw.c with very little code (just essential stuff) and, of
course, otpw.
But I am thinking, also, in making this program check its own name.
If it matches login-otpw, then only otpw will be allowed. If its name
is login-slash (ln -s login-otpw login-slash), then passes the
control to the real login, unless the user adds a slash (/) after his
username, which tells login-otpw to allow only otpw password.
This would solve my problem, would keep the code duplication as low
as possible, and would let the user choose which version to use.
What do u think?
[]s
Pablo
--
Pablo Lorenzzoni (Spectra) <spectra@debian.org>
GnuPG PubKey at search.keyserver.net (Key ID: 268A084D)
Webpage: http://people.debian.org/~spectra/
Reply to: