Great update. Testing now on a few systems connected to Global War Gate (rlogin server). So far so good.

...It is a well known fact that a deceased body harms the mind.

---
þ Synchronet þ |15<|07<|08< +h3 |02><|08-bi+ >|07>|15>
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: rlogin.js -h[pepper]
By: xbit to All on Sun Apr 13 2025 07:40 am

Great update. Testing now on a few systems connected to Global War Gate (rlogin server). So far so good.

Might have spoke too soon. When replacing the -p with -h a test caller rloging into global war got the following:

Resolving hostname...
Invalid Logon
Password:

This test was from another BBS. My first tests was from my linux bbs to windows bbs local.

---
þ Synchronet þ |15<|07<|08< +h3 |02><|08-bi+ >|07>|15>
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: rlogin.js -h[pepper]
By: xbit to All on Sun Apr 13 2025 07:40 am

Great update. Testing now on a few systems connected to Global War Gate (rlogin server). So far so good.

Cool. The main downside I see is that if the user changes their password on the client BBS, they won't be able to using the rlogin-gateway to your system and changing their own password on your system won't be possible.
--
digital man (rob)

Sling Blade quote #21:
Karl: Coffee makes me nervous when I drink it. Mmm.
Norco, CA WX: 73.3øF, 53.0% humidity, 8 mph W wind, 0.00 inches rain/24hrs
--- SBBSecho 3.24-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: rlogin.js -h[pepper]
By: xbit to All on Sun Apr 13 2025 08:42 am

Re: rlogin.js -h[pepper]
By: xbit to All on Sun Apr 13 2025 07:40 am

Great update. Testing now on a few systems connected to Global War Gate (rlogin server). So far so good.

Might have spoke too soon. When replacing the -p with -h a test caller rloging into global war got the following:

Resolving hostname...
Invalid Logon
Password:

This test was from another BBS. My first tests was from my linux bbs to windows bbs local.

That would be expected if the user already had an account with their password from the client BBS. You would need to delete their user account so it can be recreated with the right hashed-password or just change the account password to match the hashed-password that was attempted.
--
digital man (rob)

Rush quote #31:
Live for yourself, there's no one else more worth living for
Norco, CA WX: 73.5øF, 52.0% humidity, 8 mph WNW wind, 0.00 inches rain/24hrs --- SBBSecho 3.24-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: rlogin.js -h[pepper]
By: Digital Man to xbit on Sun Apr 13 2025 02:15 pm

Great update. Testing now on a few systems connected to Global War
Gate (rlogin server). So far so good.

Might have spoke too soon. When replacing the -p with -h a test caller
rloging into global war got the following:
Resolving hostname...
Invalid Logon
Password:
This test was from another BBS. My first tests was from my linux bbs to
windows bbs local.

That would be expected if the user already had an account with their password from the client BBS. You would need to delete their user account so it can be recreated with the right hashed-password or just change the account password to match the hashed-password that was attempted.

It sounds like the -s[tag] might need to be in play then? With out it, if a user first rlogs into the game and sync applies the pepper (hash) all is great. But if the user then wants to telnet via normal methods using the same user name they would need to know the long hashed password. Yes?

The -s[tag] would segregate a rlogin from a normal account. For example someone rlogging into xbit bbs from vert with a -s[vert] tag might look like [vert]xbit.

I did some testing before the -s[tag] idea and got this error:
FAILED Password attempt: 'testpass' expected:'7278D2BA..(long hash).

Am i on the right path or not getting somthing? Thank you DM.


...It is not enough to succeed. Others must fail.

---
þ Synchronet þ |15<|07<|08< +h3 |02><|08-bi+ >|07>|15>
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)

Re: rlogin.js -h[pepper]
By: xbit to Digital Man on Fri Apr 18 2025 09:35 am

Re: rlogin.js -h[pepper]
By: Digital Man to xbit on Sun Apr 13 2025 02:15 pm

Great update. Testing now on a few systems connected to Global War
Gate (rlogin server). So far so good.

Might have spoke too soon. When replacing the -p with -h a test caller
rloging into global war got the following:
Resolving hostname...
Invalid Logon
Password:
This test was from another BBS. My first tests was from my linux bbs to
windows bbs local.

That would be expected if the user already had an account with their password from the client BBS. You would need to delete their user account so it can be recreated with the right hashed-password or just change the account password to match the hashed-password that was attempted.

It sounds like the -s[tag] might need to be in play then? With out it, if a user first rlogs into the game and sync applies the pepper (hash) all is great. But if the user then wants to telnet via normal methods using the same user name they would need to know the long hashed password. Yes?

Yes.

The -s[tag] would segregate a rlogin from a normal account. For example someone rlogging into xbit bbs from vert with a -s[vert] tag might look like [vert]xbit.

I did some testing before the -s[tag] idea and got this error:
FAILED Password attempt: 'testpass' expected:'7278D2BA..(long hash).

Am i on the right path or not getting somthing? Thank you DM.

If you want the game server to also serve as a normal BBS (e.g. for Telnet/SSH users), then yeah, you're going to need the user to know their own password. It sounds like you're thinking a user that wanted to use the game server function and the normal BBS function would need two user accounts on your system, one with a tag and the other not (not ideal, but yes, viable).
--
digital man (rob)

Steven Wright quote #32:
The colder the x-ray table, the more of your body is required to be on it. Norco, CA WX: 53.8øF, 82.0% humidity, 6 mph WSW wind, 0.00 inches rain/24hrs --- SBBSecho 3.24-Linux
* Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)