Fincer
/
openntpd-openbsd
mirror of https://github.com/Fincer/openntpd-openbsd
1
0
Fork 0
Code Issues 0 Projects 0 Releases 61 Wiki Activity
Source code pulled from OpenBSD for OpenNTPD. The place to contribute to this code is via the OpenBSD CVS tree.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5723 Commits
49 Branches
2.1 GiB
Tree: f374911356
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f374911356'
${ noResults }
openntpd-openbsd/src/etc/login.conf.in

86 lines
2.4 KiB
Raw Normal View History

allow default blowfish rounds to be tweakable by arch, no behavioral change ok deraadt
14 years ago
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
24 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
be more consistent in terminology in comments
20 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
chpass will not change the kerberos password ok jmc@ millert@
19 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
mention radius but don't put it in the list of default authentication styles
23 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
add auth defaults
23 years ago
be more consistent in terminology in comments
20 years ago
the kerberos people can bite me. or enable kerberos themselves if they really want this. secure by default, and as i say, bite me. millert and markus and miod ok
22 years ago
add auth defaults
23 years ago
typo in comment; from Brian Poole
20 years ago
the kerberos people can bite me. or enable kerberos themselves if they really want this. secure by default, and as i say, bite me. millert and markus and miod ok
22 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
zap trailing spaces and tabs
23 years ago
List all authentication types; krb4-or-pwd is still the default...
23 years ago
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
24 years ago
Generate login.conf from a template with optional per-architecture overrides
19 years ago
add auth defaults
23 years ago
allow default blowfish rounds to be tweakable by arch, no behavioral change ok deraadt
14 years ago
o move passwd.conf variables into login.conf o no longer install passwd.conf (but it is used if it exists and the needed info is not in login.conf) o added passwordtime and minpasswordlen login.conf variables
23 years ago
add auth defaults
23 years ago
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
24 years ago
allow default blowfish rounds to be tweakable by arch, no behavioral change ok deraadt
14 years ago
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
24 years ago
Generate login.conf from a template with optional per-architecture overrides
19 years ago
Add calls to setusercontext() and login_get*(). We basically call setusercontext() in most places where previously we did a setlogin(). Add default login.conf file and put root in the "daemon" login class.
24 years ago
Add authpf class as per the pf faq; from Alex Holst. OK beck@.
18 years ago
 
  1. # $OpenBSD: login.conf.in,v 1.3 2010/12/17 05:33:06 tedu Exp $
  2. 

  3. #
  4. # Sample login.conf file.  See login.conf(5) for details.
  5. #
  6. 

  7. #
  8. # Standard authentication styles:
  9. #
  10. # krb5-or-pwd	First try Kerberos V password, then local password file
  11. # passwd	Use only the local password file
  12. # krb5		Use only the Kerberos V password
  13. # chpass	Do not authenticate, but change users password (change
  14. #		the YP password if the user has one, else change the
  15. #		local password)
  16. # lchpass	Do not login; change user's local password instead
  17. # radius	Use radius authentication
  18. # skey		Use S/Key authentication
  19. # activ		ActivCard X9.9 token authentication
  20. # crypto	CRYPTOCard X9.9 token authentication
  21. # snk		Digital Pathways SecureNet Key authentication
  22. # token		Generic X9.9 token authentication
  23. #
  24. 

  25. # Default allowed authentication styles
  26. auth-defaults:auth=passwd,skey:
  27. 

  28. # Default allowed authentication styles for authentication type ftp
  29. auth-ftp-defaults:auth-ftp=passwd:
  30. 

  31. #
  32. # The default values
  33. # To alter the default authentication types change the line:
  34. #	:tc=auth-defaults:\
  35. # to be read something like: (enables passwd, "myauth", and activ)
  36. #	:auth=passwd,myauth,activ:\
  37. # Any value changed in the daemon class should be reset in default
  38. # class.
  39. #
  40. default:\
  41. 	:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\
  42. 	:umask=022:\
  43. 	:datasize-max=@DEF_DATASIZE_MAX@:\
  44. 	:datasize-cur=@DEF_DATASIZE_CUR@:\
  45. 	:maxproc-max=@DEF_MAXPROC_MAX@:\
  46. 	:maxproc-cur=@DEF_MAXPROC_CUR@:\
  47. 	:openfiles-cur=@DEF_OPENFILES_CUR@:\
  48. 	:stacksize-cur=4M:\
  49. 	:localcipher=blowfish,@DEF_BLOWFISH_RNDS@:\
  50. 	:ypcipher=old:\
  51. 	:tc=auth-defaults:\
  52. 	:tc=auth-ftp-defaults:
  53. 

  54. #
  55. # Settings used by /etc/rc and root
  56. # This must be set properly for daemons started as root by inetd as well.
  57. # Be sure reset these values back to system defaults in the default class!
  58. #
  59. daemon:\
  60. 	:ignorenologin:\
  61. 	:datasize=infinity:\
  62. 	:maxproc=infinity:\
  63. 	:openfiles-cur=128:\
  64. 	:stacksize-cur=8M:\
  65. 	:localcipher=blowfish,@ROOT_BLOWFISH_RNDS@:\
  66. 	:tc=default:
  67. 

  68. #
  69. # Staff have fewer restrictions and can login even when nologins are set.
  70. #
  71. staff:\
  72. 	:datasize-cur=@STAFF_DATASIZE_CUR@:\
  73. 	:datasize-max=@STAFF_DATASIZE_MAX@:\
  74. 	:maxproc-max=@STAFF_MAXPROC_MAX@:\
  75. 	:maxproc-cur=@STAFF_MAXPROC_CUR@:\
  76. 	:ignorenologin:\
  77. 	:requirehome@:\
  78. 	:tc=default:
  79. 

  80. #
  81. # Authpf accounts get a special motd and shell
  82. #
  83. authpf:\
  84. 	:welcome=/etc/motd.authpf:\
  85. 	:shell=/usr/sbin/authpf:\
  86. 	:tc=default: