Dialup passwords in System 5

M. G. Hand marcus at pyuxt.UUCP
Sun Dec 9 14:47:54 AEST 1984 

The following information is due to Dave Harrison (d04akr!harrison) of Ohio
Bell, who after much digging, managed to extract it from AT&T.

To set up dial up passwords there are only a very few things
that need to be done. However, if you are going to try this
on the fly, and only want to affect YOUR login it is imperative
that you do it in the right sequence.

There are two files that need to be built. One is /etc/dialups this
file contains a list of the dialups you want to run "dialup password"
against. The entries would be as follows:

	/dev/tty00
	/dev/tty01
 	  .
 	  .
 	  .
	/dev/ttyxx

As you can see this will allow you to run "dialup password" only
against certain tty's.

The other file that needs to be built is /etc/d_passwd.
There are a few things that need to be explained before we 
proceed.

You can have different dailup passwords for different logins
or groups of logins. This is done by running differently named
shells against the logins you want to have different dialup
passwords. For example, lets say you wanted a different
dialup password than say Mike. We would need to do the
following:
We will call your shell "good" and Mike's "bad".
Do a cd to /bin, and LINK /bin/sh to /bin/good and LINK
/bin/sh to /bin/bad.

It is now time to build /etc/d_passwd.
The file will look as follows:

/bin/sh::
/usr/lib/uucp/uucico::
/bin/good:YOUR ENCRYPTED PASSWD GOES HERE:
/bin/bad:MIKE'S ENCRYPTED PASSWD GOES HERE:

An empty set of colons means there is no password required and
anyone running /bin/sh or /usr/lib/uucp/uucico in the above example
will not even be prompted for "dialup password".

Next go to /etc/passwd and have your login run the /bin/good shell
and Mike run the /bin/bad shell.

i.e.
marcus:retTUUh435:100:200:Marcus Hand:/usr/marcus:/bin/good:
mike:gdjsayreh435:101:200:Mike Russel:/usr/mike:/bin/bad:

A word of caution, any login that you will need to "su" to, like
root, mapss etc. can not have anything in the shell field in
/etc/passwd. Therefore, the admin logins must run the default
shell, i.e. /bin/sh so they could have a dialup password but
they would all have the same dialup password.

The way I get the encrypted password in d_passwd is change my
password and then manually copy the encryption into d_passwd.
In my example anyone running /bin/sh would not even be prompted
for a dialup password only you and Mike. You could have uucp
be prompted for a dialup password but I wouldn't advise it.
If you leave the entry as I have it shown uucp will not be
prompted.

Dave Harrison

I hope this is of help to you,

		marcus hand     (pyuxt!marcus)


-- 

		Marcus Hand	{ihnp4!}pyuxt!marcus

More information about the Comp.unix.wizards mailing list