Xref: utzoo comp.bugs.sys5:910 comp.unix.wizards:15826 Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!ames!lll-winken!uunet!ingr!b11!linwood From: linwood@b11.ingr.com (Linwood Varney) Newsgroups: comp.bugs.sys5,comp.unix.wizards Subject: Re: Use of /etc/dialups and /etc/d_passwd Keywords: dialup security password tty sys5 Message-ID: <5041@b11.ingr.com> Date: 30 Apr 89 02:09:02 GMT References: <245@chip.UUCP> Reply-To: linwood@b11.UUCP (Linwood Varney) Organization: Intergraph Corp. Huntsville, AL Lines: 50 In article <245@chip.UUCP> mparker@chip.UUCP (M. D. Parker) writes: >In a system V environment, I'd be interested in knowing how these files >are used, their formats, etc. Actually these files are quite useful, especially if you are worried about security. The format of the /etc/dialups file is just a list of devices on separate lines that are concidered dailup ports, for example "/dev/tty00". If the port that login is running on is found in dialups file, then login looks in the /etc/d_passwd file to see if it should ask for a Dialup Password. A Dialup Password is asked if the Login Shell from the password file is found in the d_passwd file, along with a password. (I do not remember, but I think if the login shell was not found, login would use the first entry). The format of the d_passwd file is a list of lines with the following format: Login_Shell:Encrypted_Password: For example: $ cat /etc/dialups /dev/tty00 /dev/tty01 $ cat /etc/d_passwd /bin/sh:QDilgjTRu/6kU: /bin/ksh:Kzpmjf5lejk: /usr/lib/uucp/uucico:: $ If you were to login of either port /dev/tty00 or /dev/tty01, and your login shell was the /bin/sh, it would ask you for a "Dialup Password". If you were another computer trying to login as nuucp on one of those ports, a "Dialup Password" would be skipped. Oh, the Encrypted Password is the same as that found in the /etc/passwd file. There is no easy way to set it. What I did was password an account, and then using an editor, copy the password field from passwd to d_passwd. I also write a short program to do it. >... A string decomposition of my /bin/login >showed these two files being used not the documentation makes a vailed >reference to these files. Documentation is disappointingly vague. Source also helps.. :-) - Linwood Varney ...!uunet!ingr!linwood Network Communications linwood@ingr.com Intergraph Corporation Huntsville, Alabama