1. Forum
  2. Usenet
  3. NEWS.SOFTWARE.NNTP

  • Authenticating BBS users

    From Nigel Reed@21:1/5 to All on Thu Sep 29 15:01:52 2022
    Hi all,

    I must admit I've not done much with user authentication other than the
    basic readers.conf stuff, and then I'm not sure I fully understand that
    but anyway...I digress.

    I would like users on my bulletin board to be able to use my usenet
    server, but logging in with their BBS username and password. These are
    stored on a different server to the innd server.

    I'm open to suggestions on how I can authenticate the BBS users. I have
    a couple of options, when a new user registers and I verify them, I can manually run a script to update the news server, but then I'd have to
    remember to manually remove them if I delete the account.

    The other is some sort of auth script that checks the users entered
    username & password against the BBS database which can then provide a
    yes/no as to whether they should be allowed in.

    I'm sure I'm not the only one who needs to do with so thought I'd ask
    rather than re-write the wheel.

    Thanks,

    --
    End Of The Line BBS - Plano, TX
    telnet endofthelinebbs.com 23

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Russ Allbery@21:1/5 to Nigel Reed on Thu Sep 29 18:10:20 2022
    Nigel Reed <[email protected]> writes:

    The other is some sort of auth script that checks the users entered
    username & password against the BBS database which can then provide a
    yes/no as to whether they should be allowed in.

    I would do this, but then I've written tons of scripts like this so it's
    fairly easy for me. The protocol is documented in EXAMPLES in ckpasswd.
    If you specify a program with the auth: key in the auth block of
    readers.conf, it is run when the user authenticates and gets:

    ClientAuthname: <username>
    ClientPassword: <password>

    on standard input. It should print:

    User: <username>

    and exit with status 0 on successful authentication, and print some error message and exit with non-zero status

    The program can then do whatever you want, such as reach out to your BBS
    system to check the username and password.

    --
    Russ Allbery ([email protected]) <https://www.eyrie.org/~eagle/>

    Please post questions rather than mailing me directly.
    <https://www.eyrie.org/~eagle/faqs/questions.html> explains why.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Nigel Reed@21:1/5 to Russ Allbery on Fri Sep 30 04:15:40 2022
    On Thu, 29 Sep 2022 18:10:20 -0700
    Russ Allbery <[email protected]> wrote:

    Nigel Reed <[email protected]> writes:

    The other is some sort of auth script that checks the users entered username & password against the BBS database which can then provide
    a yes/no as to whether they should be allowed in.

    I would do this, but then I've written tons of scripts like this so
    it's fairly easy for me. The protocol is documented in EXAMPLES in
    ckpasswd. If you specify a program with the auth: key in the auth
    block of readers.conf, it is run when the user authenticates and gets:

    ClientAuthname: <username>
    ClientPassword: <password>

    on standard input. It should print:

    User: <username>

    and exit with status 0 on successful authentication, and print some
    error message and exit with non-zero status

    The program can then do whatever you want, such as reach out to your
    BBS system to check the username and password.

    Thank you. Sounds like every I need right there. I'll take a look at
    the examples. I can write a program to listen to encrypted auth
    requests on the BBS side easily enough so I think I'm good.

    Thanks,




    --
    End Of The Line BBS - Plano, TX
    telnet endofthelinebbs.com 23

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)