[9fans] Drawterm vs Autentication Server

[9fans] Drawterm vs Autentication Server

[Alexander Povolotsky]

Is it possible to consider implementation  of "noauth" option for the
drawterm (running on Solaris )
 to allow to connect to the Plan 9 machine without authentication ?

Regards,
Alex Povolotsky

Re: [9fans] Drawterm vs Autentication Server

[presotto]

There's nothing special about the auth server except for who knows
that its the auth server.  You can always start auth/keyfs and run
aux/listen -t /rc/bin/service.auth on any machine and transform it
into an auth server.

If you want no authentication, you can change both cpu and drawterm.  If
you look closely at the cpu command, you'll see that it negotiates
authentication mechanism.  If you change cpu.c and drawterm.c to allow
a null authentication mechanism, you'll have what you want.  Look at
authmethod in both programs.

Re: [9fans] Drawterm vs Autentication Server

[forsyth]

>>If even the latter request is too hard to honor,
>>then at least I would like to ask Plan 9 code owners to provide for ability
>>to start "authentication server"
>>manually, thus allowing to fully upgrade from Plan 9 terminal to Plan 9 CPU
>>server "on the fly",
>>i.e. without reconfiguring and rebuilding the kernel.

i think you might be able to do that, by running auth/keyfs (see
keyfs(4)) and appropriate variants of aux/listen in a name space in
which you've previously run authfs(4) to provide suitably named
replacement authentication files to allow you to set your own keys.

Re: [9fans] Drawterm vs Autentication Server

[Alexander Povolotsky]

I did not mean that the enhancement I am requesting for Plan 9 owners to
implement only relates to the "drawterm" (Solaris code) side
(though implementation of the "noauth" modifier and passing it to Plan 9 cpu
server during connection  belongs to that part
of the code).
Obviously the Plan 9 listener should also be modified as a part of
fulfilling my request.

>You could consider removing
> the authentication protocol from both drawterm and
> the cpu listener, but that's more work than just setting
> up a proper auth server.

If what I am asking above is too much ..., then
instead of me removing the authentication protocol  in my copy of the code,
I would like to ask Plan 9 code owners to implement in the next standard
distribution.

If even the latter request is too hard to honor,
then at least I would like to ask Plan 9 code owners to provide for ability
to start "authentication server"
manually, thus allowing to fully upgrade from Plan 9 terminal to Plan 9 CPU
server "on the fly",
i.e. without reconfiguring and rebuilding the kernel.

Best Regards,
Alex Povolotsky
----------------------------------------------------------------------------
---------------------------------
<rsc@plan9.bell-labs.com> wrote in message
news:200104231539.LAA20789@smtp1.fas.harvard.edu...
> > Is it possible to consider implementation  of "noauth" option for the
> > drawterm (running on Solaris )
> >  to allow to connect to the Plan 9 machine without authentication ?
>
> It's not drawterm that is insisting on authentication,
> but the cpu server itself.  You could consider removing
> the authentication protocol from both drawterm and
> the cpu listener, but that's more work than just setting
> up a proper auth server.
>
> Russ

Re: [9fans] Drawterm vs Autentication Server

[rsc]

> Is it possible to consider implementation  of "noauth" option for the
> drawterm (running on Solaris )
>  to allow to connect to the Plan 9 machine without authentication ?

It's not drawterm that is insisting on authentication,
but the cpu server itself.  You could consider removing
the authentication protocol from both drawterm and
the cpu listener, but that's more work than just setting
up a proper auth server.

Russ