Hylafax Mailing List Archives

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

[hylafax-users] Understanding users & permission with hylafax.



Hi.

I'm having I real though time understanding how permissions and users work under
hylafax. First of all I would like to know if by default faxadduser
writes only to hosts.hfaxd? (I presume so because when modifying it the
auth meccanism changes)

Lets say I want all my clients (192.168.0.*) of my local network to be able to send
jobs to the server (192.168.0.1) only if they login with username
'fax_user' and passwd 'gogogo' (added with "faxadduser -p gogogo fax_user").
Then I would like the admin to be able to do faxrm things. So I added
"faxadduser -a gogogo2 fax_admin".
The hosts.hfaxd should be like this??

fax_admin:::Fg8I35Gev6oSs
fax_user::Kh23J32nd8k3
127.0.0.1
192\.168\.0\.


This hosts.hfaxd file I have lets me kill jobs only through Richard
Lippmann ftp method I found in the ML archievs. If I try 'faxrm -a 12''
I get a 530 auth error saying no valid passwd. Why does it work via ftp
and not through plain shell faxrm command?

The 192\.168\.0\. (or 192.168.0.*) line should grant access also to localhost (hylafax
server achine) but doesn't seem so..... Only if I put 127.0.0.1 can I get access. That's
funny. 
I would like an easy to use fax server but at the same time secure. I
don't want people connecting to my 4559 port and sending faxes to my
machine thus relaying them maybe with international calls. Would a
firewall rule be enough enabling connections to port 4559 only if they
come from 192.168.0.*? And what happens if someone logs in form internet
with IP 192.168.0.1? Is hylafax secure by this point of view?
-- 
                 Antonio Gennarini
                Crecchio, CH - ITALY
	-----------------------------------
Earth Science student at University "G. D'Annunzio".
     Join th GNU generation, start from LINUX.

____________________ HylaFAX(tm) Users Mailing List _______________________
  To subscribe/unsubscribe, click http://lists.hylafax.org/cgi-bin/lsg2.cgi
 On UNIX: mail -s unsubscribe hylafax-users-request@hylafax.org < /dev/null



Home
Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services