Date: Fri, 9 Apr 1999 09:50:38 -0400 (EDT) From: Robert Watson <robert@cyrus.watson.org> To: Lauro Barbosa <lauro@pro.via-rs.com.br> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD 2.2.8 and DES Message-ID: <Pine.BSF.3.96.990409094517.20187A-100000@fledge.watson.org> In-Reply-To: <370AB13A.3F2A2042@pro.via-rs.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 6 Apr 1999, Lauro Barbosa wrote: > Hello! > Please, i need help. > I have a server with FreeBSD 2.2.8 and DES instaled. > In this server the users can to login using login_name or > login_name. > (whit dot at end). for example: john or john. > Anybody know this problem ? > How can to correct this ? > Sorry my poor english. > Please send me a answer in private to lauro@pro.via-rs.com.br, > thanks, Lauro, Sorry -- I'm not sure if you mean that you would like them to be able to log in as either `user' or `user.', or that they can and that is a problem. If you would like to change it so they can, my suspicion is that changes in PAM and getpwnam are the best place to do that, but it will probably require rebuilding a lot of stuff from source. I don't believe there is a way to create such a mapping without software modification. It is possible that adding two password entries for each uid, with and without a . in the username, would work, but password changing would probably be flaky, as possibly with other things. Using a third party authentication mechanism like Kerberos might work, especially since in traditional kerberos `user.' is already equivilent to `user', as `user.' and `user' both indicate a null instance. This would minimize required changes to the code base, perhaps. Making sure, though, to have the `user' entry appear first, and that the users aren't going to need to change their user information. It might be nice to have an /etc/useraliases that allows you to map names to other names, but I'm not sure it's generally desirable, and would introduce interoperability problems with other platforms. Does anyone else know of a way to do this? Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ Safeport Network Services http://www.safeport.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990409094517.20187A-100000>