Uauth Manual

SourceForge.jp


?

Uauth Manual introduction

This document is the manual of UsbAuth mainly written for system administrators, and the Uauth command which becomes the core.


Default configuration

Execution file

/usr/local/sbin/{uauth, usbauth, uauthwait}

Data base

/usr/local/etc/usbauth

The mount point of an auth device

/mnt/auth

A setup of an auth device

/etc/uauth.conf

This is normal position by standard configuration. Thus, the following explanation is as this set up. When that is not right, please read suitably and apply.


The purpose of each files

File

Language

purpose

uauth

C

Issues of new account, check authentication, remove of account.

uauthwait

ncursis

Draw dialog for waiting login.

usbauth

sh script

Set up environments and accept login for authenticated person

/usr/local/etc/usbauth

gdbm

Database for this authentication users

/mnt/auth

dir

The mounting point for the authentication device

/etc/uauth.conf

text

config device name for usbauth


The option of uauth

-d, --device device

The device name for authentication

Since usbauth uses /etc/uauth.conf and uauth does not use it, it directs as this option.

-a, --add username

Registration of a user

Combine with -d option and carry out manufacture of new registration of a user and an authentication device.

-r, --remove username

delete account

delete account of registered user

-f, --dbfile dbpath

Specification of a data base file

Although /usr/local/etc/usbauth is default. It is used when using another database.

-h, --help

Help

display options list

-v, -V, --version

display version

Display version of this program.

When sending an error report, I would like you to surely connect this display.


Back Door

Although the system to be used has the high degree of secrecy, however "it is necessary to educate" first of all when the user does not understand the importance of "attestation" well Introduce this UsbAuth system and the passwd column of /etc/passwd is made into *. If use also of NIS is made improper, since a method will be lost besides general passwd attestation not being carried out and Login by this UsbAuth system  from a system console, From an insecure user, a risk of information being revealed decreases considerably.

However, a certain trouble occurs in UsbAuth system, and there is a danger that the situation, which a system administrator does not put in, either, will happen.

For this reason, UsbAuth prepared Back door.

If ESC is pushed in when the Login screen is displayed, it will shift to xdm login.

Well, it is standard attestation of X11, and usually, Back Door will think that the fall of a security level can be managed with minimum, if login is forbidden by a general user's method described previously.


Copyright (c)

$Id: uaurh.html,v 1.5 2003/09/26 10:40:47 mac Exp $