Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   11362 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

LOGIN_TIS(8)		OpenBSD System Manager's Manual		  LOGIN_TIS(8)

NAME
     login_tis - provide TIS Firewall Toolkit authentication type

SYNOPSIS
     login_tis [-s service] [-v fd=number] user [class]

DESCRIPTION
     The login_tis utility is called by login(1), su(1), ftpd(8), and others
     to authenticate the user via the TIS ``Firewall Toolkit'' authentication
     server (authsrv), optionally using DES encryption.

     The service argument specifies which protocol to use with the invoking
     program.  The allowed protocols are login, challenge, and response.  The
     default protocol is login.

     The fd argument is used to specify the number of an open file descriptor
     connected to authsrv.  This allows a persistent connection to be used for
     separate challenge and response authentication.

     The user argument is the login name of the user to be authenticated.

     The class argument is the login class of the user to be authenticated and
     is used to look up /etc/login.conf variables (see below).	It is also
     sent to authsrv for logging purposes.  If no class argument is specified,
     the class will be obtained from the password database.

     login_tis will connect to authsrv and, depending on the desired protocol,
     will do one of three things:

     login	Present user with a challenge, accept a response and report
		back to the invoking program whether or not the authentication
		was successful.

     challenge	Return a challenge for user if the user's entry in authsrv
		specifies a challenge/response style of authentication.

     response	Send a response to authsrv and report back to the invoking
		program whether or not the server accepted it.

LOGIN.CONF VARIABLES
     The login_tis utility uses the following TIS-specific /etc/login.conf
     variables:

     tis-keyfile     Path to a file containing a DES key string to be used for
		     encrypting communications end to end with authsrv.	 This
		     file must not be readable or writable by users other than
		     root.  If no tis-keyfile is specified, communication with
		     authsrv will be sent in clear text.

     tis-port	     Symbolic name listed in services(5) or port number on
		     which authsrv listens.  Defaults to port 7777.

     tis-server	     Hostname or IP address of the TIS authsrv daemon to
		     connect to.  Defaults to ``localhost''.

     tis-server-alt  Alternate server to use when the primary is not
		     reachable.

     tis-timeout     Number of seconds to wait for a response from authsrv.
		     Defaults to 15 seconds.

SEE ALSO
     login(1), login.conf(5), services(5), ftpd(8), login_radius(8)

OpenBSD 4.9			 May 31, 2007			   OpenBSD 4.9

Vote for polarhome