From owner-freebsd-questions Mon Oct 2 17:53:57 2000 Delivered-To: freebsd-questions@freebsd.org Received: from endplay.inode.org (cpu1532.adsl.bellglobal.com [206.47.27.13]) by hub.freebsd.org (Postfix) with ESMTP id 806FB37B502 for ; Mon, 2 Oct 2000 17:53:55 -0700 (PDT) Received: from coup.inode.org (coup.inode.org [172.16.2.203]) by endplay.inode.org (8.9.3/8.9.3) with SMTP id UAA03627 for ; Mon, 2 Oct 2000 20:53:54 -0400 (EDT) From: David Jones To: freebsd-questions@freebsd.org Subject: S/Key doesn't accept local logins Date: Mon, 2 Oct 2000 20:48:51 -0400 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain MIME-Version: 1.0 Message-Id: <00100220535300.00372@coup.inode.org> Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I recently implemented S/Key password enforcement for network logins from= hosts that do not support SSH. Such logins work fine; I have a list of passwor= ds and everything works fine. The problem is, the system is not letting me use my regular Unix password= for local logins. My skey.access file is: permit internet 172.16.2.0 255.255.255.0 permit port ttyv0 permit port /dev/ttyv2 Network 172.16.2 is my local LAN, behind a firewall. I have also tried l= ocal logins from my console ports. Logins from hosts on 172.16.2, as well as the local console ttyv0-ttyv2 a= ll require S/Key password. I have compiled skeyaccess.c from the current version S/Key library in TE= ST mode and ran it against my skey.access file. It thinks that I should hav= e Unix password access, i.e. the above is correct. However, I cannot ascertain = what login (or PAM or whatever is called between login and skey) passes in as arguments. I am running FreeBSD-4.1, so things are pretty recent. What am I doing wrong? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message