This repository has been archived by the owner on Jan 11, 2019. It is now read-only.
/
README
63 lines (47 loc) · 2.16 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
I am including here patches contributed by Norbert Preining,
<preining@logic.at>. I had to rewrite some code to make it smooth after
Norbert's `verbose' patch for pam_skey, so I am including it here, too.
Here follows his description:
Patches for pam_skey:
I found one thing: Using wuftpd 1.6.1 with pam is not very good, because
you DON'T get the challange sent, you only see passwd:
If you type in the right skey, then you are right, but you have to
know which number is the current. If I compile wuftpd with --enable-skey
then it is very nice, because it says one of the following possibilities:
If ONLY skey is allowed and initialized:
331 s/key 93 alpha395403 required for preining.
Password:
if skey and passwd is allowed:
331 s/key 93 alpha23872 allowed for salzer.
Password:
if skey is not initialized.
331 Password required for leitsch.
Password:
This is very nice and helpful! the patch norb.patch implements this
functionality in pam_skey.c: This way you get
the above challenge for telnet/login if you use pam:
login: preining
challenge s/key 92 alpha395403 required
or
login: salzer
challenge s/key 93 alpha23872 allowed
If it is working for ftp/pam I don't know, but with wuftpd and --enable-skey
you get it directly!
===========================================================================
Patches for the linux-skey-0.2 package
THIS IS NOT THE pam_skey PACKAGE AND IS DISTRIBUTED SEPERATELY!!!
These patches were sent to the author of linux-skey but I got no response!
The package seems to be outdated and not improved anymore, please
use pam_skey!
netmatch.patch:
The problem was that the IP address was
never saved within the struct login and therefore the check for the
ip-addr always failed. I just made a bcopy, it works, but I am not
sure if this is the prefered method, since I am definitely NOT a
ip-hacker, although I know a bit of C.
linux-skey-wuftpd.patch:
The second patch is for
wuftpd 1.6 or so, which just changes the calls to the skey functions
from the Venema package to the linux-skey package (slightly different
calliong convention). It works for linux/x86 and linux/alpha (tested),
but for NO other platform (the #ifdefs are only changed for linux!).