1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
enabling autologin:
first of all - you should know, that a feature like autologin can
be a security risk. As long as the client is running on a fully
trusted machine you shouldn't have problem though.
autologin can be done by supplying a file to the clients (only qt, kde, gtk),
where you put the username and password on differnt lines:
example: /home/username/secrect/mypass.pwd
----------------------------
username
password
----------------------------
(dont include the ---)
then call fireflier-client-xxx -a /home/username/secret/mypass.pwd
ensure that mypass.pwd is only readable by you:
chown username /home/username/secret/mypass.pwd
chmod 600 /home/username/secret/mypass.pwd
AS PUTTING YOUR SYSTEM ACCOUNT PASSWORD INTO A FILE IS
DISCOURAGED, I URGE YOU TO USE A SYSTEM LIKE libpam-pwdfile.
libpam-pwdfile enables you to use a different passsword for
fireflier access than for your system login
setting it up:
example /etc/pam.d/fireflier:
----------------------------------
auth required pam_listfile.so file=/etc/fireflier/fireflier.users onerr=fail sense=allow item=user
auth sufficient /lib/security/pam_pwdfile.so pwdfile /etc/fireflier/fireflier.passwords
auth required pam_unix.so nullok
account required pam_unix.so
session required pam_unix.so
password required pam_unix.so
----------------------------------
/etc/fireflier/fireflier.passwords should contain the new username/password
entries in the same format as /etc/passwd (or /etc/shadow).
The system passwords will still work with the example pam configuration.
you can generate encrypted passwords by using the script at:
http://eclipse.che.uct.ac.za/chpwdfile (see libpam-pwdfile documentation)
if you have any problem setting this up, feel free to contact us.
|
