9fans archive / 1999 / 02 / 35 /    prev next

From: James A. Robinson Jim.Robinson@Sta...
Subject: [9fans] Argh -- auth checklist?
Date: Wed, 24 Feb 1999 15:21:14 -0800

Anyone have a checklist of things to check for setting up the auth
stuff? I must not have set something up correctly, for I find that I
cannot telnet into my plan9 system and get a securenet challenge. =(

I've got my user login in the plan9 db and the securenet db. If I run
"status" on my user name, it comes back with

    user jimr: plan 9 key status is ok and never expires
    jimr:       James A. Robinson HighWire Press <jim.robinson@sta...>
    user jimr: network key status is ok and never expires
    user jimr: net key NNN NNN NNN NNN NNN NNN NNN NNN
    jimr:       James A. Robinson HighWire Press <jim.robinson@sta...>

where NNN are actually sets of 3 numbers. I've got keyfs running on both
key sets from /bin/cpurc:
    
    auth/keyfs -m/mnt/keys /adm/keys
    auth/keyfs -m/mnt/netkeys /adm/netkeys

Both /mnt/keys and /mnt/netkeys have directory 'jimr' and the info I can
get at inside them seem to indicate it is ok... Ummm, let's see. I've
got an entry in /lib/ndb/local stating that il=ticket port=566.

If I try and telnet in as anyone other then none, instead of getting a
challenge I immeditely get back a failure:

    ; telnet <myauthserver>
    Connected to <myauthserver.stanford.edu>.
    Escape character is '^]'.
    user: jimr
    authentication failure
    Connection closed by foreign host.

Sigh... I don't understand whether or not /lib/ndb/auth
is used for remote connections (I would think no, but...),
and I'm not sure what the fAQ means with the statement

    also: /lib/ndb/auth
    in /lib/ndb/local: 9P=auth

I'm missing something, but I have no idea what. =( I'm 
wondering if maybe the authserver doesn't realize that it
itself is the authserver? I have to use 0.1.0.0 as the auth
server IP address, or it won't boot up (the default says it
is 0.0.0.0, which crashes the system).


Jim