Uauth Manual
?
Uauth Manual introduction
This document is the manual of UsbAuth mainly written for system administrators, and the Uauth command which becomes the core.
Default configuration
|
Execution file |
/usr/local/sbin/{uauth, usbauth, uauthwait} |
|
Data base |
/usr/local/etc/usbauth |
|
The mount point of an auth device |
/mnt/auth |
|
A setup of an auth device |
/etc/uauth.conf |
This is normal position by standard configuration. Thus, the following explanation is as this set up. When that is not right, please read suitably and apply.
The purpose of each files
|
File |
Language |
purpose |
|
uauth |
C |
Issues of new account, check authentication, remove of account. |
|
uauthwait |
ncursis |
Draw dialog for waiting login. |
|
usbauth |
sh script |
Set up environments and accept login for authenticated person |
|
/usr/local/etc/usbauth |
gdbm |
Database for this authentication users |
|
/mnt/auth |
dir |
The mounting point for the authentication device |
|
/etc/uauth.conf |
text |
config device name for usbauth |
The option of uauth
|
-d, --device device |
The device name for authentication |
Since usbauth uses /etc/uauth.conf and uauth does not use it, it directs as this option. |
|
-a, --add username |
Registration of a user |
Combine with -d option and carry out manufacture of new registration of a user and an authentication device. |
|
-r, --remove username |
delete account |
delete account of registered user |
|
-f, --dbfile dbpath |
Specification of a data base file |
Although /usr/local/etc/usbauth is default. It is used when using another database. |
|
-h, --help |
Help |
display options list |
|
-v, -V, --version |
display version |
Display version of this program. When sending an error report, I would like you to surely connect this display. |
Back Door
Although the system to be used has the high degree of secrecy, however "it is necessary to educate" first of all when the user does not understand the importance of "attestation" well Introduce this UsbAuth system and the passwd column of /etc/passwd is made into *. If use also of NIS is made improper, since a method will be lost besides general passwd attestation not being carried out and Login by this UsbAuth system from a system console, From an insecure user, a risk of information being revealed decreases considerably.
However, a certain trouble occurs in UsbAuth system, and there is a danger that the situation, which a system administrator does not put in, either, will happen.
For this reason, UsbAuth prepared Back door.
If ESC is pushed in when the Login screen is displayed, it will shift to xdm login.
Well, it is standard attestation of X11, and usually, Back Door will think that the fall of a security level can be managed with minimum, if login is forbidden by a general user's method described previously.
Copyright (c) 
$Id: uaurh.html,v 1.5 2003/09/26 10:40:47 mac Exp $