Authentication

This is concerned with verifying that a particular username and password is valid for a given user on your platform.

The various authentication choices are either platform specific (e.g. for AIX and HP-UX) or more general. Most of the time you'll be able to use to following options but see the notes below.

a) Linux--with-auth=shadow (or --with-auth=pam see PAM notes).
b) Irix --with-auth=shadow
c) MacOSX --with-auth=pam (on 10.3 or above and previously --with-auth=noshadow)
d) AIX --with-auth=aixshadow
e) HP-UX --with-auth=hpuxshadow
f) Solaris --with-auth=rshadow

For AIX and HP-UX the above are the only possible choices.

If the above options do not work or you have a different operating system then here is a description of the possible choices which will hopefully guide to in selecting the correct one. Many will work with NIS (e.g. shadow, rshadow).

1. noshadow

In general this is used if your system has a /etc/passwd file which contains encrypted passwords and only a getpwnam() system call (man getpwnam). It is also used by MacOSX which has an unusual authentication system.

2. rnoshadow

This can be used if your system has a /etc/passwd file which contains encrypted passwords and your system has the re-entrant getpwnam_r() call (man getpwnam_r).

3. shadow

This can be used if your system has a /etc/shadow file (or equivalent) and your /etc/passwd file therefore does not contain encrypted passwords. It is used when the you only have the getspnam() and getpwnam() system calls (man getspnam, man getpwnam).

4. rshadow

This can be used if your system has a /etc/shadow file (or equivalent) and your /etc/passwd file therefore does not contain encrypted passwords. If your platform has both the getspnam_r() and the getpwnam_r() re-entrant system calls then use this option (man getspnam_r, man getpwnam_r).

5. PAM

A possible choice if you have PAM set up but one of the above options might also work. See the notes on using PAM. For example, on most default RedHat Linux installations both 'shadow' and 'pam' will work but PAM requires a little extra effort to set up.

6. aixshadow

This is solely for AIX systems. It uses the getuserpw() and getpwnam() system calls.

7. hpuxshadow

This is solely for HP-UX systems. It uses the getspnam() and getpwnam_r() system calls. It also checks for 'trusted' setups with the iscomsec() system call.

If your system fits into none of the above categories then the authentication will not work. You should then contact us (emboss-bug@embnet.org), preferably with details of which system calls your platform uses for authentication, and we will hopefully be able to incorporate your system's authentication scheme into the EMBOSS distribution.