callback security

• Messages sorted by:[ date ][ thread ][ subject ][ author ]

Hi,

I am using RedHat 5.2 with mgetty: experimental test release
1.1.14-Apr02.

My problem is that I would like to only let user login using callback.
eg no direct logins.

my login.config contains
xxxx-cb -       @       /usr/sbin/callback -S 1234567890
*       -       -       /bin/false


My modem program from the client side recieves the following
CONNECT 38400

Red Hat Linux release 5.2 (Apollo)
Kernel 2.0.36 on an i686


machinename.domain login: xxxx-cb

Dialing continues in the background, all further messages will
be written to the logfile '/var/log/mgetty.log.callback'.
Please look there for errors / diagnostics.

*** then it disconnects and dials back
RING

CONNECT 38400
Connection established, please wait...
...ok

Red Hat Linux release 5.2 (Apollo)
Kernel 2.0.36 on an i686


machinename.domain login: 


At this point I type a username and then I get disconnected.
If I add the line
xxx    xxx     -       /bin/login @
to login.config then I'll not get disconnected but I will get promted
for the password and the login will succed.

It seems to me that the problem is that mgetty does not bypass the
login.config when callback returns as it is supposed to.
This makes the callback kind off useless except that it is another phone
that pays the bill. But for security this is useless.


Perhaps the problem is that my callback.config is empty but I can't seem
to think of anything useful to put into it :(

Peter Lindstrøm
pel@kruger.dk