Re: [9fans] login problems

["Alberto Cortés" <alcortes@it.uc3m.es>]

On 2006-12-28 18:06, andrey mirtchovski wrote:
> >
> >After invoking "kill keyfs | rc ; auth/keyfs" I can see the users
> >directories under /mnt/keys. But I still can not cpu with the
> >login name of other users:
> >
> >    cpu: can't authenticate: grunt: auth_proxy rpc write: (black
> >    square)bootes: connection timed out
> >
> 
> the way an auth server works is by linking together several programs:
> keyfs, authsrv and listen. keyfs decrypts the users passwords (keys)
> and serves them as a plan9 file system, listen accepts connections on
> the auth port (tcp 567) and starts authsrv to verify passwords against
> keys in keyfs.
> 
> when you kill keyfs it disappears from the namespace in which listen
> 
> [...]
> 
> way to do it is the aforementioned killing/restarting of keyfs, which
> is what i use to add new users to machines where i have no physical
> access handy.

thank you for enlighten me, I was failing to see the big
picture.

After some more man page reading, I have been doing some tests:

  term% telnet tcp!grunt!17007
  connected to tcp!grunt!17007 on /net/tcp/1
  p9sk1@grunt.foo.bar(fs)
  >>>   (b)reak, (i)nterrupt, (q)uit, ...
  >>> q
  term%
  term%
  term% telnet tcp!grunt!567
  telnet: tcp!grunt!567: connection timed out  # this can be the problem!!
  term%
  term%
  term% cpu=grunt
  term% cpu -u bootes
  cpu%
  cpu%
  cpu% telnet tcp!grunt!567
  connected to tcp!grunt!567
  
  >>>   (b)reak, (i)nterrupt, (q)uit, ...
  >>> q
  cpu%
  cpu%
  cpu% tail -19 /rc/bin/cpurc
  auth/keyfs -wp -m /mnt/keys /adm/keys >/usr/bootes/tmp/keyfs_out >[2=1]
  auth/cron >>/sys/log/cron >[2=1] &
  #
  # also rename some files:
  #
  #if(! test -e /rc/bin/service.auth/il566){
  #    mv /rc/bin/service.auth/authsrv.il566 /rc/bin/service.auth/il566
  #    mv /rc/bin/service.auth/authsrv.tcp567 /rc/bin/service.auth/tcp567
  #    mv /rc/bin/service/il566 /rc/bin/service/_il566
  #    mv /rc/bin/service/tcp567 /rc/bin/service/_tcp567
  #}

  # services available to networks
  aux/listen -q -t /rc/bin/service.auth -d /rc/bin/service il
  aux/listen -q -t /rc/bin/service.auth -d /rc/bin/service tcp

  aux/mouse $mouseport
  aux/vga -l $vgasize
  exec rio
  cpu%
  cpu%
  cpu% cat /rc/bin/service.auth/tcp567
  #!/bin/rc
  /bin/auth/authsrv -d $3
  cpu% 

If ssh to a linux on the same LAN as grunt, I can connect to
grunt at port 567:

  alcortes@linux$ telnet grunt.foo.bar 567
  Trying 163.117.141.235...
  Connected to grunt.gast.it.uc3m.es.
  Escape character is '^]'.
  ^]
  telnet> q
  Connection closed.
  alcortes@linux$ 

It seems that the auth port of my server (grunt) can not been
reached from my home. Firewall problems?, isp problems?, Any more
thing I can be missing?



-- 
  http://bach.gast.it.uc3m.es/~alcortes/index.html