File: pam_ftp.sgml

package info (click to toggle)
pam 0.79-5%2Betch1
  • links: PTS
  • area: main
  • in suites: etch
  • size: 3,248 kB
  • ctags: 1,934
  • sloc: ansic: 21,131; makefile: 1,504; sh: 571; perl: 400; yacc: 398
file content (93 lines) | stat: -rw-r--r-- 2,277 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
 
<!--
   $Id: pam_ftp.sgml 274 2005-07-13 09:52:25Z vorlon $
   
   This file was written by Andrew G. Morgan <morgan@kernel.org>
-->

<sect1>Anonymous access module

<sect2>Synopsis

<p>
<descrip>

<tag><bf>Module Name:</bf></tag>
<tt/pam_ftp.so/

<tag><bf>Author:</bf></tag>
Andrew G. Morgan &lt;morgan@kernel.org&gt;

<tag><bf>Maintainer:</bf></tag>
Author.

<tag><bf>Management groups provided:</bf></tag>
authentication

<tag><bf>Cryptographically sensitive:</bf></tag>
	
<tag><bf>Security rating:</bf></tag>

<tag><bf>Clean code base:</bf></tag>

<tag><bf>System dependencies:</bf></tag>

<tag><bf>Network aware:</bf></tag>
prompts for email address of user; easily spoofed (XXX - needs work)

</descrip>

<sect2>Overview of module

<p>
The purpose of this module is to provide a pluggable anonymous ftp
mode of access.

<sect2>Authentication component

<p>
<descrip>

<tag><bf>Recognized arguments:</bf></tag>
<tt/debug/;
<tt/users=XXX,YYY,.../;
<tt/ignore/

<tag><bf>Description:</bf></tag>

This module intercepts the user's name and password. If the name is
``<tt/ftp/'' or ``<tt/anonymous/'', the user's password is broken up
at the `<tt/@/' delimiter into a <tt/PAM_RUSER/ and a <tt/PAM_RHOST/
part; these pam-items being set accordingly. The username
(<tt/PAM_USER/) is set to ``<tt/ftp/''.  In this case the module
succeeds.  Alternatively, the module sets the <tt/PAM_AUTHTOK/ item
with the entered password and fails.

<p>
The behavior of the module can be modified with the following flags:
<itemize>
<item><tt/debug/ -
log more information to with <tt/syslog(3)/.

<item><tt/users=XXX,YYY,.../ - 
instead of ``<tt/ftp/'' or ``<tt/anonymous/'', provide anonymous login
to the comma separated list of users; ``<tt/XXX,YYY,.../''. Should the
applicant enter one of these usernames the returned username is set to
the first in the list; ``<tt/XXX/''.

<item><tt/ignore/ -
pay no attention to the email address of the user (if supplied).

</itemize>

<tag><bf>Examples/suggested usage:</bf></tag>

An example of the use of this module is provided in the configuration
file section <ref id="configuration" name="above">. With care, this
module could be used to provide new/temporary account anonymous
login.

</descrip>

<!--
End of sgml insert for this module.
-->