diff options
Diffstat (limited to 'ax25/axspawn.8')
-rw-r--r-- | ax25/axspawn.8 | 74 |
1 files changed, 71 insertions, 3 deletions
diff --git a/ax25/axspawn.8 b/ax25/axspawn.8 index ccb6934..5d6f6b0 100644 --- a/ax25/axspawn.8 +++ b/ax25/axspawn.8 @@ -2,7 +2,7 @@ .SH NAME axspawn \- Allow automatic login to a Linux system. .SH SYNOPSIS -.B axspawn [--wait, -w] +.B axspawn [--pwprompt PR0MPT, -p PR0MPT] [--changeuser, -c] [--rootlogin, -r] [--only-md5] [--wait, -w] .SH DESCRIPTION .LP .B Axspawn @@ -32,11 +32,75 @@ SSID). There must be at least one digit, and max. two digits within the call. The SSID must be within the range of 0 and 15. Please drop me a note if you know a valid Amateur Radio callsign that does not fit this pattern _and_ can be represented correctly in AX.25. +.LP +axspawn also has the well known authentication mechanisms of the AX.25 bbs +.B baycom (sys) +and +.B md5 +standards. +axspawn searches in /etc/ax25/bcpasswd (first) and ~user/.bcpasswd (second) +for a match of the required authentication mechanism and password. +md5 and baycom passwords may differ. md5 passwords gain over baycom passwords. + +Note: you could "lock" special "friends" out by specifying an empty password +in /etc/ax25/bcpasswd (line "n0call:md5:"). -> md5 Passwords are enforced. But +the length is shorter than the minimum (len 8 for md5, len 20 for baycom); +user's password file is not searched because in /etc/ax25/bcpasswd its already +found.. + +Syntax and caveeats for /etc/ax25/bcpasswd: + - Has to be a regular file (no symlink). Not world-readable/writable. + - Example lines: + # Thomas + dl9sau:md5:abcdefgh + # Test + te1st:sys:12345678901234567890 + # root + root:md5:ziz7AoxuAt6jeuthTheexet0uDa9iefuAeph3eelAetahmi0 + # misconfiguration: + thisbadlineisignored + # With this line + systempasswordonly + # .. axspan will not look in user's homedir for his .bcpasswd + +Syntax and caveeats for user's .bcpasswd in his $HOME: + - Has to be a regular file (no symlink). Neither group- nor world- + read-/writable. Has to be owned by the user or uid 0 (root). + - Example lines: + # could be shorter + md5:abcdefgh + # should be longer + sys:12345678901234567890 + .SH OPTIONS .TP 5 +.B -p DB0FHN or --pwprompt DB0FHN +While baycom or md5 password authentication (see above), the password prompt +is set to the first argument (DB0FHN in this example). This may be needed +for some packet-radio terminal programs for detecting the password prompt +properly. +.TP 5 +.B -c, --changeuser +Allow connecting ax25 users to change their username for login. They'll be +asked for their real login name. +.TP 5 +.B -r, --rootlogin +Permit login as user root. Cave: only md5 or baycom style is allowed; no +plaintext password. +.TP 5 +.B --only-md5 +Insist in md5 authentication during login. If no password for the user is +found, or it is not md5, then no other login mechanism is granted. +This option, in combination with -c and -r, may be a useful configuration for +systems where no ax25 user accounts are available, but you as sysop would +like to have a login access for your administrative tasks. +.TP 5 .B -w, --wait -Disables the prompting for a password if the password entry in /etc/passwd -is either a \(lq+\(rq or blank. +Eats the first line the user sends. This feature is useful if you have +TCP VC connects to the same Call+SSID. It is now obsolete, because +ax25d is the right place for this and implements this functionality better. +.TP 5 +Theses are options and not part of the preferences because you _may_ like to have on every interface definition in ax25d.conf (where axspawn is started from) a different behaviour. .SH FILES .nf /etc/passwd @@ -45,6 +109,10 @@ is either a \(lq+\(rq or blank. .br /etc/ax25/axspawn.conf .fi +/etc/ax25/bcpasswd +.fi +~/.bcpasswd +.fi .SH "SEE ALSO" .BR axspawn.conf (5), .BR ax25d (8). |