On Thu, 1 Nov 2001 bhoc@??? wrote:
> - Have a daemon listening at 127.0.0.1:<your_favourite_port_here>. That
> daemon runs as root, for reasons explained below.
> - Have a client program that sends userid/password pairs towards above
> daemon. This could be a base64-encoded string or some challenge/response
> method.
> - Daemon checks the uid/pw pair and responds with 'OK' or 'ERR' (with the
> mandatory 2 seconds sleep when ERR). It is up to the daemon how the check
> is done - getpwnam, getspnam, do_some_ldap_lookup,
> select_pw_from_pwtable_where_user_=_<foo>, ..., you get the idea.
> - Client then proceeds depending on answer.
Isn't this called RADIUS? See
RFC 2138 Remote Authentication Dial In User Service (RADIUS)
http://www.radius.cistron.nl/
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
