|
|
The connection server authentication file or /etc/cs/auth is an optional file, maintained by the system administrator, that lists the authentication scheme and role associated with a particular host, service, network tuple. The system administrator does not need to (and in most cases will not) put information into this file. Typically, the connection server obtains the initial authentication information about a particular host, service, network tuple from the reportscheme service. The connection server retains this data in an internal cache so the reportscheme service will not be called in subsequent network requests for the same host, service, network tuple.
If, for any reason, the system administrator does not want the reportscheme service to be called for a particular host, service, network tuple, the authentication scheme information can be stored in /etc/cs/auth. When the connection server is started, it uses the information in /etc/cs/auth to initialize its internal cache.
The connection server authentication file
is read only once
when the connection server is started up.
If the system administrator
changes the file while the connection server is running,
the command
cs -x
must be issued from the command line to tell the connection server to read the authentication file again. See cs(1Mbnu) for further information on cs.
To change the connection server authentication file, the system administrator should manually edit the file. The format of the file comprises lines of tab-separated fields:
host service transport authentication_scheme imposer_role
When no scheme is required (sometimes referred to as a null scheme), the administrator indicates this by putting a dash (-) in the authentication scheme field. The ``imposer_role'' field indicates the client will act as either the responder (r) to the authentication process or as the imposer (i).
An example of a small authentication file is shown:
#host service transport authentication scheme imposer rolepelham echo_tcp tcp cr1 r pelham cu tcp - r pelham uucico tcp cr1 r pelham date tcp - r
Example of a small authentication file
For more information on imposer role and authentication schemes, see ``cr1 Bilateral Authentication Scheme''.