Greetings all,
I'm using OpenBSD 5.6 (GENERIC).
My target is to login user through my own login_ script with SSH.
Everything works fine if the user exists on device.
But I'm using few large remote databases and
it is crazy to store all the users on the device.
So I see two solutions:
1. Create user if credentials are right.
2. Use some prepared user to login. ("guest" for example)
As for first solution:
I've done script for this but it fails for first request
(I guess that 'adduser' and 'useradd' commands are
powerless to create user in authentication process)
and I can successfully login after reconnection.
Also user creation have some restrictions to functionallity
as limited symbols for username (for example I have users
with ! symbol in username in my databases).
Shortcut script is listed in the end of the message.
Does anybody know how to resolve at least one of this problems?
As for second solution:
I have no idea how to implement this. As I understand I must
change the username in authentication process (namely atÂ
'response' service invokation).
Is it possible at all?
Thanks everybody for attention.
login_ script:
#!/bin/sh
if [ $2 == "challenge" ]; then
  echo value challenge "password:">&3
  echo "reject challenge">&3
  exit 0
fi
if [ $2 == "response" ]; then
  dd ibs=1 count=10 of=/temp/pswd <&3
  > /temp/pswd
  dd ibs=1 count=1 <&3 | cat >>/temp/pswd
  while [ `tail -c 1 /temp/pswd | cat -e` != "^@" ]
  do
   dd ibs=1 count=1 <&3 | cat >>/temp/pswd
  done
  read pswd </temp/pswd
  > /temp/pswd
  # There goes function invokation that accepts username
  # and password and exits with 0 status if user exists in one
  # of remote databases and 1 in other cases
  if [ $? == 0]; then
   id -u $3 >/dev/null 2>&1
   if [ $? !=0 ]; then
     useradd $3
   fi
   echo "authorize">&3
  fi
  exit 0
fi
Best Regards,
Vlad Suragin
