I have written a server daemon for an astronomical camera and telescope.
Currently I use a private user authorization file. My policy is that to
connect to my server you must be listed in my authorization file as
<username>@<host> _and_ have an account on the daemon's machine _and_
supply a password that (using crypt) matches the /etc/passwd entry.
I'd like to change the above. First off I don't want the server machine
to be forced to keep encrypted passwords in /etc/passwd. /etc/shadow
or NIS/NIS+ is required. Reading /etc/shadow requires the server to be
root and I don't want that. Second my method transmits a plain text password
in the clear.
So, I'm asking if there is an easy _portable_ (server is Linux, clients
could be anything, Linux, MacOS, DOS, Win9x/nt/2k..) way to validate
clients over a socket?
I could code the whole thing myself: The server sends a random string.
The client prompts the user for a password, concatenates the random
string, encrypts the concatenation and sends it back to the server.
But I'd rather use something ready made. Any pointers...
--
Chris Albertson
[EMAIL PROTECTED] Voice: 626-351-0089 x17
Logicon, Pasadena California Fax: 626-351-0699
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
