conserver.passwd - user access information for conserver(8)
The conserver.passwd file is the user authentication and authorization
file for conserver(8). Upon each incoming client connection,
conserver opens and reads the conserver.passwd file, so edits to
the file take effect immediately. It reads only until the first
username match.
Blank lines and comment lines (those beginning with a ``#'' and
optional leading whitespace) are ignored. Non-ignored lines beginning with
whitespace are considered continuations of the previous line. This allows
you to span one logical line over many physical lines and insert comments
wherever appropriate.
Each logical line consists of two colon-separated fields. Leading
and trailing white space in each field is ignored.
- username
- the login name of the authorized user, or the string ``*any*'' to
match any user. This is compared against the name sent by the
console client, based either on the user's identity or on the -l
option. Since conserver only uses the first username
match, a ``*any*'' entry will apply to any user without an entry
earlier in the file.
- password
- the encrypted password, or the string ``*passwd*'' to indicate that
conserver should look up the user's password in the system
passwd (or shadow) database. If PAM support has been enabled
(--with-pam), PAM lookups will be done instead of passwd (or
shadow) lookups (you may need to edit /etc/pam.conf or create
/etc/pam.d/conserver). If this field is empty, password checking is
bypassed for this user.
- mary:r71mXjfALB5Ak
- Mary uses the password specified above; it does not matter whether she has
a login on the conserver host.
- fred:*passwd*
- Fred may connect only with his regular login password on the conserver
host.
- bozo:*
- Bozo is only allowed to access a console if his password isn't used (since
it's invalid) which means he needs to come from a trusted
host.
- *any*:*passwd*
- Anyone not listed above uses their regular login and password.
console(1), conserver.cf(5), conserver(8)
There is currently no way provided by the conserver package to generate the
encrypted password strings besides copying them from the system passwd
database or running crypt(3) via C or perl or some other language that
supports it.