venkat@brand.usc.edu (V. Venkat) (06/16/89)
With release 3.2, I had a form like (fs:add-user-information "host" "login-name" "password") in my login-init file for each host. So I would never be prompted for a password when dealing with other machines. This function does not exist in Release 4.1. I tried (fs:store-password-etc "login-name" "host" "password"). But I still get a prompt for a password when accessing another machine. Is there anything in 4.1 that I can do, to input the password information, so that I do not get prompted (like when trying to view-file on a remote m/c)? V. Venkat
venkat@brand.usc.edu (V. Venkat) (06/16/89)
In article <17872@usc.edu> venkat@brand.usc.edu (V. Venkat) writes: >With release 3.2, I had a form like >(fs:add-user-information "host" "login-name" "password") >in my login-init file for each host. So I would never be prompted >for a password when dealing with other machines. > >This function does not exist in Release 4.1. I tried >(fs:store-password-etc "login-name" "host" "password"). But I still >get a prompt for a password when accessing another machine. > Is there anything in 4.1 that I can do, to input the password information, >so that I do not get prompted (like when trying to view-file on a remote m/c)? > >V. Venkat > After some hacking, I found the solution. Since a couple of people expressed interest, I am posting the solution on the net. add the following two forms in your login-init file for each remote host. (fs:store-password-etc "user-name" "host-name" "password") (fs:file-host-user-id "user-name" "host-name") You will then never be prompted for the password. V. Venkat
snicoud@ATC.BOEING.COM (Stephen Nicoud) (06/19/89)
Date: 16 Jun 89 05:35:05 GMT
From: usc!brand.usc.edu!venkat@apple.com.ARPANET (V. Venkat)
Subject: Re: Password information..3.2 to 4.1
add the following two forms in your login-init file for each remote host.
(fs:store-password-etc "user-name" "host-name" "password")
(fs:file-host-user-id "user-name" "host-name")
You will then never be prompted for the password.
I think it is appropriate, at least, to warn Explorer users that if you
put these forms in your login-init file (or any file on the Explorer for
that matter), you open yourself up to having someone (intentionally or
unintentionally) seeing your passwords.
Along the same lines, your passwords can be accessed by someone other
than you if you set either of these two variables to T:
fs::record-passwords-flag
fs::*remember-passwords*
These two variables are actually the same (forwarded value cell), so
that a change to one, is also a change to the other. The default value
is T.
I, too, do not like being prompted for a password each and every time I
access a file on a secured remote host. So, I have
record-passwords-flag set to T, so that I'm prompted only the first time
I try a file access to each host. When I log out, all passwords are
thrown away.
It depends entirely on your site (and the users at that site) whether
any of these approaches are okay or not (from a security standpoint).
Steve