Added information on registration, login scripts and passwords to the

[spider.git] / html / adminmanual-7.html

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
 <TITLE>The DXSpider Administration Manual v1.48: Security</TITLE>
 <LINK HREF="adminmanual-8.html" REL=next>
 <LINK HREF="adminmanual-6.html" REL=previous>
 <LINK HREF="adminmanual.html#toc7" REL=contents>
<link rel=stylesheet href="style.css" type="text/css" title="default stylesheet">
</HEAD>
<BODY>
<A HREF="adminmanual-8.html">Next</A>
<A HREF="adminmanual-6.html">Previous</A>
<A HREF="adminmanual.html#toc7">Contents</A>
<HR>
<H2><A NAME="s7">7. Security</A></H2>

<P>From version 1.49 DXSpider has some additional security features.  These
are not by any means meant to be exhaustive, however they do afford some
security against piracy.  These two new features can be used independently 
of each other or in concert to tighten the security.
<P>
<H2><A NAME="ss7.1">7.1 Registration</A>
</H2>

<P>The basic principle of registration is simple.  If a user is not registered
by the sysop, then they have read-only access to the cluster.  The only
thing they can actually send is a talk or a message to the sysop.  In
order for them to be able to spot, send announces or talks etc the sysop
must register them with the <EM>set/register</EM> command, like this ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
set/register g0vgs
</PRE>
</CODE></BLOCKQUOTE>
<P>The user g0vgs can now fully use the cluster.  In order to enable 
registration, you can issue the command ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
set/var $main::reqreg = 1
</PRE>
</CODE></BLOCKQUOTE>
<P>Any users that are not registered will now see the motd_nor file rather
than the motd file as discussed in the Information, files and useful 
programs section.
<P>
<P>Entering this line at the prompt will only last for the time the cluster
is running of course and would not be present on a restart.  To make the
change permanent, add the above line to /spider/scripts/startup.  To
read more on the startup file, see the section on Information, files 
and useful programs.
<P>
<P>To unregister a user use <EM>unset/register</EM> and to show the list
of registered users, use the command <EM>show/register</EM>.
<P>
<H2><A NAME="ss7.2">7.2 Passwords</A>
</H2>

<P>At the moment, passwords only affect users who login to a DXSpider
cluster node via telnet.  If a user requires a password, they can
either set it themselves or have the sysop enter it for them by using
the <EM>set/password</EM> command.  Any users who already have passwords, 
such as remote sysops, will be asked for their passwords automatically 
by the cluster.  Using passwords in this way means that the user has a
choice on whether to have a password or not.  To force the use of
passwords at login, issue the command ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
set/var $main::passwdreq = 1
</PRE>
</CODE></BLOCKQUOTE>
<P>at the cluster prompt.  This can also be added to the /spider/scripts/startup
file as above to make the change permanent.
<P>
<P>Of course, if you do this you will have to assign a password for each of 
your users.  If you were asking them to register, it is anticipated that
you would ask them to send you a message both to ask to be registered and
to give you the password they wish to use.
<P>
<P>Should a user forget their password, it can be reset by the sysop by
first removing the existing password and then setting a new one like so ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
unset/password g0vgs
set/password g0vgs new_password
</PRE>
</CODE></BLOCKQUOTE>
<P>
<HR>
<A HREF="adminmanual-8.html">Next</A>
<A HREF="adminmanual-6.html">Previous</A>
<A HREF="adminmanual.html#toc7">Contents</A>
</BODY>
</HTML>