You're right; I had set up /etc/pam.d/ngircd, but it was set up to use the wrong PAM module: local auth instead of LDAP, unlike the login service.

So it was literally the wrong password for the user (and also why pamtester was working).

Thanks for pointing me in the right direction~

Cheers,
Doug.



On Wed, Mar 6, 2013 at 1:31 AM, Alexander Barton <alex@barton.de> wrote:
Hi Doug!

On Tue, Mar 05, 2013 at 12:32:16PM +0800, Doug wrote:

> I was wondering if someone could shed some light on how to use PAM with
> ngircd?
>
> I've set PAM = yes, and PAMIsOptional = no, but I'm kind of fuzzy on how
> this is supposed to work.
>
> The client connects with a nick and username, (in this case my username for
> both, douglasl).

But you/your client/"it" has to send a password using the PASS command, too :-)

> The server rejects the connection, and logs:
>
> [18632:6    5] Accepted connection 7 from 127.0.0.1:59814 on socket 6.
> [18906:3    5] PAM: Error on "douglasl" (douglasl!~douglasl@localhost):
> Authentication failure
> [18632:3    5] User "douglasl!~douglasl@localhost" rejected (connection 7):
> Bad password!
> [18632:6    5] Shutting down connection 7 (Bad password) with
> localhost:59814 ...
> [18632:5    5] Client "douglasl" unregistered (connection 7): Bad password
> [18632:6    5] Connection 7 with localhost:59814 closed (in: 0.1k, out:
> 0.0k).

Because you provided no password at all, if I understand you correctly?

> Riiight. I'm pretty sure I've got pam working, because I can use pamtester
> well enough:
>
> ~/ngircd/pamtester-0.1.2/src# ./pamtester login douglasl authenticate
> Password:
> pamtester: successfully authenticated

I don't know "pamtester", but PAM requires a "service name", and if I
understand it correctly, you are using "login" as service name in your example
above; but ngIRCd uses – guess what? – "ngircd" :-)

So most probably you have to check your PAM setup for ngIRCd using something
like this:

 $ pamtester ngircd douglasl authenticate

> So, the question is, how is the IRC client supposed to be supplying the
> password for the user?

It has to send a valid PASS command, _before_ it sends NICK and USER.
For example (raw IRC commands):

 PASS :password
 NICK :nickname
 USER login . . :Real Name

> The raw commands to the server after connect are PASS / NICK / USER, which
> sound like they should be all I need.

Right.

Regards
Alex
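
The mismatch found in this thread (the "ngircd" PAM service on local auth while "login" used LDAP) shows up when the auth stacks of the two service files are compared side by side. The following is an added example, not part of the original messages and not ngIRCd code; the file contents are constructed, and pam_ldap.so / pam_unix.so are assumed stand-ins for the "ldap" and "local auth" modules.

```python
import re

# Constructed sample files (not from the thread). pam_ldap.so / pam_unix.so
# are assumed stand-ins for the "ldap" and "local auth" modules mentioned.
SAMPLE = {
    "login": "# directory-backed logins\n"
             "auth  [success=1 default=ignore]  pam_ldap.so\n"
             "auth  requisite  pam_deny.so\n"
             "auth  required   pam_permit.so\n"
             "account  required  pam_ldap.so\n"
             "@include common-session\n",
    "ngircd": "# left on local accounts by mistake\n"
              "auth  required  pam_unix.so \\\n      nullok\n"
              "account  required  pam_unix.so\n",
}

RULE = re.compile(r"(-?\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)\s*(.*)")

def parse_pam(text):
    """Return (type, control, module, args) tuples from pam.d file text."""
    rules = []
    # Join backslash-continued lines before splitting into rules.
    for line in text.replace("\\\n", " ").splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        if line.startswith("@include"):
            rules.append(("@include", "", line.split()[1], []))
            continue
        m = RULE.match(line)
        if m:
            kind, control, module, args = m.groups()
            # A leading "-" only silences missing-module errors.
            rules.append((kind.lstrip("-"), control, module, args.split()))
    return rules

def auth_modules(text):
    """Modules that take part in the 'auth' stack, in order."""
    return [r[2] for r in parse_pam(text) if r[0] == "auth"]

def compare_services(files, reference, target):
    """List auth modules present in one service's stack but not the other."""
    ref, tgt = auth_modules(files[reference]), auth_modules(files[target])
    return {"only_in_" + reference: [m for m in ref if m not in tgt],
            "only_in_" + target: [m for m in tgt if m not in ref]}

if __name__ == "__main__":
    print(compare_services(SAMPLE, "login", "ngircd"))
```

On a real host, fill the dictionary from the contents of /etc/pam.d/login and /etc/pam.d/ngircd instead of the constructed samples.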