Subject: Re: "BSD Authentication"
To: None <current-users@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: current-users
Date: 11/24/1998 11:04:45
>>> Can someone mention a practical use for statically linking a
>>> program requiring authentication?
>> /sbin/init prompts for a password before giving a root shell, if the
>> console is not labeled secure.
> /sbin/init is run when the only possible method of authentication is
> from system files

Yes - well, kinda; if you're booting diskless you have a working
network at that point and could potentially use NIS or Hesiod or some
such.

> (i.e. /etc/master.passwd).

No.

I already have hacks in login to do one-time passwords (not S/key; what
I have is true one-time passwords, not algorithmically related); I
intend to add this method to my systems once BSDAuth or PAM or whatever
eventually goes in.  It seems to me that it would be a reasonable
system administration choice to permit a one-time password to
authenticate a single-user boot.  (If, for example, the console is
connected to a multi-port networked "console server" box, and you
happen to be connecting over a potentially sniffable channel, you may
want to use a one-time password.)

> That method, I've already stated, should be left in libc.

Actually, I'd *like* to see things architected such that it is possible
to statically link in any desired set of authentication methods at link
time.  I don't know whether this is possible; based on what I've seen,
it seems probably easier with PAM than with BSDAuth.  (Not that this is
necessary for init; either method can potentially, even for init, use
any authentication method whose support is present in the root
filesystem.)

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
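The "true one-time passwords, not algorithmically related" mechanism mentioned above is illustrated here with an added example; it is not der Mouse's login hack, nor NetBSD code, and its functions (generate_otp_list, authenticate) and storage layout are assumptions made for the example. The point it shows is the difference from S/Key: every entry on the list is drawn independently from the system random source, so learning one password (for instance by sniffing it over an insecure console-server link) reveals nothing about the others, and each entry is invalidated the moment it is accepted. Passwords are stored only as salted PBKDF2 hashes, as a login program would, and comparison is constant-time.

```python
import hashlib
import hmac
import secrets

# Example (not NetBSD or der Mouse's code): a list-based one-time password
# store. Each entry is an independent random secret, kept hashed, usable once.

PBKDF2_ROUNDS = 50_000  # constructed value; tune for the target machine


def _hash_password(password: str, salt: bytes) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 of one list entry."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def generate_otp_list(count: int = 5, nbytes: int = 8):
    """Create a fresh list.

    Returns (plaintexts, store): the plaintexts are handed to the user (printed
    once, carried on paper); the store is what the system keeps. Unlike S/Key,
    no entry is derived from another, so compromise of one entry never leaks
    the rest.
    """
    plaintexts = [secrets.token_hex(nbytes) for _ in range(count)]
    store = []
    for pw in plaintexts:
        salt = secrets.token_bytes(16)
        store.append({"salt": salt, "hash": _hash_password(pw, salt), "used": False})
    return plaintexts, store


def authenticate(store, candidate: str) -> bool:
    """Accept `candidate` if it matches an unused entry; burn that entry.

    Every entry is examined so the running time does not reveal which (if any)
    entry matched. A used entry is never accepted again, which is what makes a
    sniffed password worthless to a replaying attacker.
    """
    matched = None
    for entry in store:
        digest = _hash_password(candidate, entry["salt"])
        if hmac.compare_digest(digest, entry["hash"]) and not entry["used"]:
            matched = entry
    if matched is None:
        return False
    matched["used"] = True
    return True


def remaining(store) -> int:
    """How many unused entries are left; the admin reissues a list near zero."""
    return sum(1 for entry in store if not entry["used"])


if __name__ == "__main__":
    plaintexts, store = generate_otp_list(3)
    print("issue to user:", plaintexts)
    print("first use ok:", authenticate(store, plaintexts[0]))
    print("replay rejected:", authenticate(store, plaintexts[0]))
    print("entries left:", remaining(store))
```

A real deployment would keep the store in a root-only file (the single-user boot case in the thread needs it readable from the root filesystem with no network) and rewrite it atomically after each successful use, so that a crash between acceptance and update cannot resurrect a spent entry.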