<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <!--Converted with LaTeX2HTML 96.1-c (Feb 29, 1996) by Nikos Drakos (nikos@cbl.leeds.ac.uk), CBLU, University of Leeds --> <HTML> <HEAD> <TITLE>NNTP Authorization</TITLE> </HEAD> <BODY LANG="EN"> <A HREF="node1.html"><IMG WIDTH=65 HEIGHT=24 ALIGN=BOTTOM ALT="contents" SRC="contents_motif.gif"></A> <BR> <B> Next:</B> <A HREF="node279.html">nntpd Interaction with C-News</A> <B>Up:</B> <A HREF="node274.html">A Description of NNTP</A> <B> Previous:</B> <A HREF="node277.html">Restricting NNTP Access</A> <BR> <P> <H1><A NAME="SECTION0020400000">NNTP Authorization</A></H1> <A NAME="nntpauthorize"></A> When capitalizing the access tokens like xfer or read in the nntp_acces file, nntpd requires the authorization from the client for the respective operations. For instance, when specifying a permission of Xfer or XFER, nntpd will not let the client transfer articles to your site unless it passes authorization. <P> The authorization procedure is implemented by means of a new NNTP command named AUTHINFO. Using this command, the client transmits a user name and a password to the NNTP server. nntpd will validate them by checking them against the /etc/passwd database, and verify that the user belongs to the nntp group. <P> The current implementation of NNTP authorization is only experimental, and has therefore not been implemented very portably. The result of this is that it works only with plain-style password databases; shadow passwords will not be recognized. <P> <BR> <HR> <P><ADDRESS> <I>Andrew Anderson <BR> Thu Mar 7 23:22:06 EST 1996</I> </ADDRESS> </BODY> </HTML>