Re: boot-floppies
On Wed, 2 Dec 1998, Roland McGrath wrote:
> > This is a pet project of mine. Unfortunatly, I see little point in doing
> > this whilst passwords are not supported. I was told on hurd-help that USA
> > encryption laws prevent them from including the algorhythm that does
> > password checks :(. I think recompiling hurd may solve this, but I've
> > never done that before.
>
> I fail to see how boot floppies and encrypted passwords relate. But
> anyway, the hurd most certainly supports encrypted passwords, the very same
> code used on linux. Just like all US-based distributions, it cannot
> include the encryption code directly; you must get it from a non-US source
> (see the glibc README).
But I did!! I got it from nymph.csi.cam.ac.uk :(.
See my earler posts for the problems I have trying to get passwords
working. I include the relevent config files and /var/log/messages with
this post. I removed the hashes from /etc/passwd 'cos this is unencrypted
mail.
If you can tell me why login: checking passwords: operation not supported
is all I get, and how to fix it I will be most grateful...
Thanks,
Matthew
--
Elen sila lumenn' omentielvo
Steward of the Cambridge Tolkien Society
Selwyn College Computer Support
http://www.geocities.com/Area51/Chamber/8841/
http://www.cam.ac.uk/CambUniv/Societies/tolkien/
http://pick.sel.cam.ac.uk/
root:someencryptedstuff:0:0:root,,,:/root:/bin/sash
daemon:*:1:1:daemon:/usr/sbin:/bin/sh
bin:*:2:2:bin:/bin:/bin/sh
sys:*:3:3:sys:/dev:/bin/sh
sync:*:4:100:sync:/bin:/bin/sync
games:*:5:100:games:/usr/games:/bin/sh
man:*:6:100:man:/var/catman:/bin/sh
lp:*:7:7:lp:/var/spool/lpd:/bin/sh
mail:*:8:8:mail:/var/spool/mail:/bin/sh
news:*:9:9:news:/var/spool/news:/bin/sh
uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:*:13:13:proxy:/bin:/bin/sh
majordom:*:30:31:Majordomo:/usr/lib/majordomo:/bin/sh
postgres:*:31:32:postgres:/var/postgres:/bin/sh
www-data:*:33:33:www-data:/var/www:/bin/sh
backup:*:34:34:backup:/var/backup:/bin/sh
msql:*:36:36:Mini SQL Database Manager:/var/lib/msql:/bin/sh
operator:*:37:37:Operator:/var:/bin/sh
list:*:38:38:SmartList:/var/list:/bin/sh
irc:*:39:39:ircd:/var:/bin/sh
gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats/gnats-db:/bin/sh
alias:*:70:65534:qmail alias:/var/qmail/alias:/bin/sh
qmaild:*:71:65534:qmail daemon:/var/qmail:/bin/sh
qmails:*:72:70:qmail send:/var/qmail:/bin/sh
qmailr:*:73:70:qmail remote:/var/qmail:/bin/sh
qmailq:*:74:70:qmail queue:/var/qmail:/bin/sh
qmaill:*:75:65534:qmail log:/var/qmail:/bin/sh
qmailp:*:76:65534:qmail pw:/var/qmail:/bin/sh
nobody:*:65534:65534:nobody:/home:/bin/sh
mcv21:blah:1000:1000:Matthew Vernon,I8,,:/home/mcv21:/bin/bash
kit:blah:1001:1001:Kit Scorah,Girton,,:/home/kit:/bin/bash
ftp:!:101:101::/home/ftp:/bin/false
ptc24:blah:1002:1002:Peter Corbett,I7,,:/home/ptc24:/bin/bash
ajb72:blah:1003:1003:Adam Brunning,Girton,,:/home/ajb72:/bin/bash
tajc2:blah:1004:1004:Tom Clapham,Caius College,,:/home/tajc2:/bin/bash
mdwh2:blah:1005:1005:Mark Harman,Tit Hall,,:/home/mdwh2:/bin/bash
apc27:blah:1006:1006:Andrew Cowley,C28,Girton College,338999 (messages):/home/apc27:/bin/bash
jon:blah:1007:1007:Jonathan Amery,Tit Hall,,:/home/jon:/bin/bash
mbm:blah:1008:1008:Matthew Byng-Maddick,C7 Selwyn,,:/home/mbm:/bin/bash
rob:blah:1009:1009:,,,:/home/rob:/bin/bash
emma:blah:1010:1010:Emma Burt,New Hall,,:/home/emma:/bin/bash
mike:blah:1011:1011:Mike Vernon,,,:/home/mike:/bin/bash
tlm21:blah:1012:1012:Tim,,,:/home/tlm21:/bin/bash
slakko:blah:1013:1013:Duncan Richer,,,:/home/slakko:/bin/bash
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# Information about this file is available in the `libc6-doc' package.
passwd: files
group: files
shadow: files
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: db files
#/etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:lp
mail:x:8:
news:x:9:
uucp:x:10:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:29:
dip:x:30:
majordom:x:31:majordom
postgres:x:32:
www-data:x:33:
backup:x:34:
msql:x:36:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
staff:x:50:
games:x:60:
qmail:x:70:
users:x:100:
nogroup:x:65534:
mcv21:x:1000:
kit:x:1001:
ftp:x:101:
ptc24:x:1002:
ajb72:x:1003:
tajc2:x:1004:
mdwh2:x:1005:
apc27:x:1006:
jon:x:1007:
mbm:x:1008:
rob:x:1009:
emma:x:1010:
mike:x:1011:
tlm21:x:1012:
slakko:x:1013:
chapel:x:102:mcv21,nicholas
nicholas:x:1014:
#
# Internet server configuations for GNU Hurd
#
ftp stream tcp nowait root /libexec/in.ftpd ftpd -l
telnet stream tcp nowait root /libexec/in.telnetd telnetd -k
shell stream tcp nowait root /libexec/in.rshd rshd -L
login stream tcp nowait root /libexec/in.rlogind rlogind
exec stream tcp nowait root /libexec/in.rexecd rexecd
uucpd stream tcp nowait root /libexec/in.uucpd uucpd
tftp dgram udp wait root /libexec/in.ftpd tftpd
talk dgram udp wait root /libexec/in.talkd talkd
ntalk dgram udp wait root /libexec/in.ntalkd ntalkd
tcpmux stream tcp nowait root internal
echo stream tcp nowait root internal
discard stream tcp nowait root internal
chargen stream tcp nowait root internal
daytime stream tcp nowait root internal
time stream tcp nowait root internal
echo dgram udp wait root internal
discard dgram udp wait root internal
chargen dgram udp wait root internal
daytime dgram udp wait root internal
time dgram udp wait root internal
#
# Internet (IP) protocols
#
# $Id: protocols,v 1.2 1996/06/17 19:16:28 mib Exp $
#
# Updated for GNU from RFC 1700, October 1994.
#
ip 0 IP # internet protocol, pseudo protocol number
icmp 1 ICMP # internet control message protocol
igmp 2 IGMP # Internet Group Management
ggp 3 GGP # gateway-gateway protocol
ipencap 4 IP-ENCAP ip-encap # IP encapsulated in IP (officially ``IP'')
st 5 ST # ST datagram mode
tcp 6 TCP # transmission control protocol
ucl 7 UCL # "University College, London" (who knows?)
egp 8 EGP # exterior gateway protocol
igp 9 IGP # Any private interior gateway
bbn-rcc-mon 10 BBN-RCC-MON # BBN RCC Monitoring
nvp-ii 11 NVP-II # Network Voice Protocol
pup 12 PUP # PARC universal packet protocol
argus 13 ARGUS # ARGUS
emcon 14 EMCON # EMCON
xnet 15 XNET # Cross Net Debugger
chaos 16 CHAOS # Chaosnet
udp 17 UDP # user datagram protocol
mux 18 MUX # multiplexing
dcn-meas 19 DCN-MEAS # DCN Measurement Subsystems
hmp 20 HMP # host monitoring protocol
prm 21 PRM # packet radio measurement
xns-idp 22 XNS-IDP # Xerox NS IDP
trunk-1 23 TRUNK-1 # Trunk 1
trunk-2 24 TRUNK-2 # Trunk 2
leaf-1 25 LEAF-1 # Leaf 1
leaf-2 26 LEAF-2 # Leaf 2
rdp 27 RDP # "reliable datagram" protocol
irtp 28 IRTP # Internet Reliable Transaction Protocol
iso-tp4 29 ISO-TP4 # ISO Transport Protocol class 4
netblt 30 NETBLT # Net Bulk Data Transfer
mfe-nsp 31 MFE-NSP # MFE Network Services Protocol
merit-inp 32 MERIT-INP # MERIT Internodal Protocol
sep 33 SEP # Sequential Exchange Protocol
3pc 34 3PC # Third Party Connect Protocol
idpr 35 IDPR # Inter-Domain Policy Routing Protocol
xtp 36 XTP # Xpress Tranfer Protocol
ddp 37 DDP # Datagram Delivery Protocol
idpr-cmtp 38 IDPR-CMTP # IDPR Control Message Transport
tp++ 39 TP++ # TP++ Transport Protocol
il 40 IL # IL Transport Protocol
sip 41 SIP # Simple Internet Protocol
sdrp 42 SDRP # Source Demand Routing Protocol
sip-sr 43 SIP-SL # SIP Source Route
sip-frag 44 SIP-FRAG # SIP Fragment
idrp 45 IDRP # Inter-Domain Routing Protocol
rsvp 46 RSVP # Reservation Protocol
gre 47 GRE # General Routing Encapsulation
mhrp 48 MHRP # Mobile Host Routing Protocol
bna 49 BNA # BNA
sipp-esp 50 SIPP-ESP # SIPP Encap Security Payload
sipp-ah 51 SIPP-AH # SIPP Authentication Header
i-nlsp 52 I-NLSP # Integrated Net Layer Security TUBA
swipe 53 SWIPE # IP with Encryption
nhrp 54 NHRP # NBMA Next Hop Resolution
internal 61 # any host internal protocol
cftp 62 CFTP # CFTP
lan 53 LAN # any local network protocol
sat-expak 64 SAT-EXPAK # SATNET and Backroom EXPAK
kryptolan 65 KRYPTOLAN # Kryptolan
rvd 66 RVD # MIT Remote Virtual Disk Protocol
ippc 67 IPPC # Internet Pluribus Packet Core
dfs 68 DFS # any distributed file system
sat-mon 69 SAT-MON # SATNET Monitoring
visa 70 VISA # VISA Protocol
ipcv 71 IPCV # Internet Packet Core Utility
cpnx 72 CPNX # Computer Protocol Network Executive
cphb 73 CPHB # Computer Protocol Heart Beat
wsn 74 WSN # Wang Span Network
pvp 75 PVP # Packet Video Protocol
br-sat-mon 76 BR-SAT-MON # Backroom SATNET Monitoring
sun-nd 77 SUN-ND # SUN ND PROTOCOL-Temporary
wb-mon 78 WB-MON # WIDEBAND Monitoring
wb-expak 79 WB-EXPAK # WIDEBAND EXPAK
iso-ip 80 ISO-IP # ISO Internet Protocol
vmtp 81 VMTP # Versatile Message Transport
secure-vmtp 82 SECURE-VMTP # SECURE-VMTP
vines 83 VINES # VINES
ttp 84 TTP # TTP
nsfnet-igp 85 NSFNET-IGP # NSFNET-IGP
dgp 86 DGP # Dissimilar Gateway Protocol
tcf 87 TCF # TCF
igrp 88 IGRP # IGRP
ospf 89 OSPFIGP # Open Shortest Path First IGP
sprite-rpc 90 SPRITE-RPC sprite # Sprite RPC Protocol
larp 91 LARP # Locus Address Resolution Protocol
mtp 92 MTP # Multicast Transport Protocol
ax.25 93 AX.25 # AX.25 Frames
ipip 94 IPIP # Yet Another IP encapsulation
micp 95 MICP # Mobile Internetworking Control Pro
scc-sp 96 SCC-SP # Semaphore Communications Sec. Pro
etherip 97 ETHERIP # Ethernet-within-IP Encapsulation
encap 98 ENCAP # Yet Another IP encapsulation
encrypt 99 # any private encryption scheme
gmtp 100 GMTP # GMTP
#
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1340, ``Assigned Numbers'' (July 1992). Not all ports
# are included, only the more common ones.
#
#
tcpmux 1/tcp # TCP port service multiplexer
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
daytime 13/tcp
daytime 13/udp
netstat 15/tcp
qotd 17/tcp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp # default ftp data port
ftp 21/tcp
# 22 - unassigned
telnet 23/tcp
# 24 - private
smtp 25/tcp mail
# 26 - unassigned
time 37/tcp timserver
time 37/udp timserver
rlp 39/udp resource # resource location
nameserver 42/tcp name # IEN 116
whois 43/tcp nicname
domain 53/tcp nameserver # name-domain server
domain 53/udp nameserver
mtp 57/tcp # deprecated
bootps 67/tcp # BOOTP server
bootps 67/udp
bootpc 68/tcp # BOOTP client
bootpc 68/udp
tftp 69/udp
gopher 70/tcp # Internet Gopher
gopher 70/udp
rje 77/tcp netrjs
finger 79/tcp
www 80/tcp http # WorldWideWeb HTTP
www 80/udp # HyperText Transfer Protocol
link 87/tcp ttylink
kerberos 88/tcp krb5 # Kerberos v5
kerberos 88/udp
supdup 95/tcp
# 100 - reserved
hostnames 101/tcp hostname # usually from sri-nic
iso-tsap 102/tcp tsap # part of ISODE.
csnet-ns 105/tcp cso-ns # also used by CSO name server
csnet-ns 105/udp cso-ns
rtelnet 107/tcp # Remote Telnet
rtelnet 107/udp
pop2 109/tcp postoffice # POP version 2
pop2 109/udp
pop3 110/tcp # POP version 3
pop3 110/udp
sunrpc 111/tcp
sunrpc 111/udp
auth 113/tcp authentication tap ident
sftp 115/tcp
uucp-path 117/tcp
nntp 119/tcp readnews untp # USENET News Transfer Protocol
ntp 123/tcp
ntp 123/udp # Network Time Protocol
netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp
imap2 143/tcp # Interim Mail Access Proto v2
imap2 143/udp
snmp 161/udp # Simple Net Mgmt Proto
snmp-trap 162/udp snmptrap # Traps for SNMP
cmip-man 163/tcp # ISO mgmt over IP (CMOT)
cmip-man 163/udp
cmip-agent 164/tcp
cmip-agent 164/udp
xdmcp 177/tcp # X Display Mgr. Control Proto
xdmcp 177/udp
nextstep 178/tcp NeXTStep NextStep # NeXTStep window
nextstep 178/udp NeXTStep NextStep # server
bgp 179/tcp # Border Gateway Proto.
bgp 179/udp
prospero 191/tcp # Cliff Neuman's Prospero
prospero 191/udp
irc 194/tcp # Internet Relay Chat
irc 194/udp
smux 199/tcp # SNMP Unix Multiplexer
smux 199/udp
at-rtmp 201/tcp # AppleTalk routing
at-rtmp 201/udp
at-nbp 202/tcp # AppleTalk name binding
at-nbp 202/udp
at-echo 204/tcp # AppleTalk echo
at-echo 204/udp
at-zis 206/tcp # AppleTalk zone information
at-zis 206/udp
z3950 210/tcp wais # NISO Z39.50 database
z3950 210/udp wais
ipx 213/tcp # IPX
ipx 213/udp
imap3 220/tcp # Interactive Mail Access
imap3 220/udp # Protocol v3
ulistserv 372/tcp # UNIX Listserv
ulistserv 372/udp
#
# UNIX specific services
#
exec 512/tcp
biff 512/udp comsat
login 513/tcp
who 513/udp whod
shell 514/tcp cmd # no passwords used
syslog 514/udp
printer 515/tcp spooler # line printer spooler
talk 517/udp
ntalk 518/udp
route 520/udp router routed # RIP
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc
conference 531/tcp chat
netnews 532/tcp readnews
netwall 533/udp # -for emergency broadcasts
uucp 540/tcp uucpd # uucp daemon
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
#
webster 765/tcp # Network dictionary
webster 765/udp
#
# From ``Assigned Numbers'':
#
#> The Registered Ports are not controlled by the IANA and on most systems
#> can be used by ordinary user processes or programs executed by ordinary
#> users.
#
#> Ports are used in the TCP [45,106] to name the ends of logical
#> connections which carry long term conversations. For the purpose of
#> providing services to unknown callers, a service contact port is
#> defined. This list specifies the port used by the server process as its
#> contact port. While the IANA can not control uses of these ports it
#> does register or list uses of these ports as a convienence to the
#> community.
#
ingreslock 1524/tcp
ingreslock 1524/udp
prospero-np 1525/tcp # Prospero non-privileged
prospero-np 1525/udp
rfe 5002/tcp # Radio Free Ethernet
rfe 5002/udp # Actually uses UDP only
#
#
# Kerberos (Project Athena/MIT) services
# Note that these are for Kerberos v4, and are unofficial. Sites running
# v4 should uncomment these and comment out the v5 entries above.
#
klogin 543/tcp # Kerberos `rlogin'
kshell 544/tcp krcmd # Kerberos `rsh'
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
#kerberos 750/udp kdc # Kerberos (server) udp
#kerberos 750/tcp kdc # Kerberos (server) tcp
krbupdate 760/tcp kreg # Kerberos registration
kpasswd 761/tcp kpwd # Kerberos `passwd'
eklogin 2105/tcp # Kerberos encrypted `rlogin'
#
# Unofficial but necessary (for NetBSD) services
#
supfilesrv 871/tcp # SUP server
supfiledbg 1127/tcp # SUP debugging
#
# GNU Finger services
cfinger 2003/tcp # GNU's finger data collection point
ofinger 1023/tcp # OS Issue finger daemon
# Programs to be maintained on terminal lines. init runs these programs,
# and restartsthem when they die. Note that in GNU, unlike in BSD, there
# is no need to list pseudo-ttys here.
# name program type status comments
console "/libexec/getty 9600" mach on secure trusted console
#com0 "/libexec/getty 9600" dialup on secure
#/var/log/messages
Nov 14 16:42:18 inetd[109]: ftp/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: telnet/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: shell/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: login/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: exec/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: uucpd/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: tftp/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: talk/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: ntalk/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: tcpmux/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: echo/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: discard/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: chargen/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: daytime/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: time/tcp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: echo/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: discard/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: chargen/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: daytime/udp: socket: Protocol family not supported
Nov 14 16:42:18 inetd[109]: time/udp: socket: Protocol family not supported
Reply to: