Node configuration for user access: Difference between revisions

From The DXSpider Documentation Wiki
Jump to navigation Jump to search
Line 18: Line 18:
In this mode the sysop doesn't have to to register users, but if they are registered, then it will simply be a database entry.
In this mode the sysop doesn't have to to register users, but if they are registered, then it will simply be a database entry.
Both types of user will have the same capabilities to send and receive SPOTS, ANN, etc
Both types of user will have the same capabilities to send and receive SPOTS, ANN, etc
When an unregistered user starts the login process, they will be sent (if it exists) the banner contained in the file
<pre>
  /spider/local_data/motd_nor
</pre>


==='''Node in REGISTRATION Mode'''===
==='''Node in REGISTRATION Mode'''===

Revision as of 14:00, 10 February 2023


User Registration


There are two types of user in a DXSpider node, a registered user and an unregistered user. By default, all users belong to the unregistered category.

Node in UNREGISTERED Mode


This is the default way of working, but not necessarily the best.

The global variable that sets the node type is $main::reqreg and its default value is 0.

  set/var $main::reqreg = 0

In this mode the sysop doesn't have to to register users, but if they are registered, then it will simply be a database entry. Both types of user will have the same capabilities to send and receive SPOTS, ANN, etc

Node in REGISTRATION Mode


To use this mode, the global variable $main::reqreg must be set to 1. The way to change it is

  set/var $main::reqreg = 1

When this mode is activated, only users that the sysop has registered will be able to send and receive SPOTS, ANN, ..., while unregistered users will only be able to receive information.

The way to register/unregister a user is as follows:

  set/register <call>
  unset/register <call>

At any time we can know which users we have registered using

  sh/register

There is the possibility to display a specific banner for registered users. The file containing it is the following

  /spider/_local_data/motd


Password Usage


By default, the node has disabled the function of requesting a password when we log in. So there is a risk that another user can use our account.

For a user to be assigned a password, the sysop will have to execute at least once

  set/password <call> <string>

and the user can change his password with the command

  set/password


Node in NO PASSWORD Mode


The global variable $main::passwdreq is set to 0 by default. As mentioned above, users logging into a node so configured will only be prompted for their callsign.

To see the value of the variable we will use

  sh/var $main::passwdreq


Node in PASSWORD Mode


If we set the $main::passwdreq variable to 1, we will force any user logging in to the node to enter their callsign and password, otherwise they will not be able to access the node. The node will not establish the session if there is no positive authentication.

To set this mode of operation:

  set/var $main::passwdreq = 1


How To Protect Node (Recommended configuration)


One way to control the correct use of our node, is to use the combination of registration and password as follows.

We enable the registration for all the users

  set/var $main::reqreg = 1

and we disable the global use of passwords

  set/var $main::passwdreq = 0

This allows anyone to access the node in READ mode, but only those who have authenticated with username and password will have full user access.

This implies that the sysop must register and assign a password to the trusted user.

  set/register <call>
  set/password <call> <string>

This way we have control and limit the misuse of our node.


Make Changes Permanent


Although we can enable or disable these variables at any time, if we want to keep them during the startup of the node, we must edit the file

  /spider/scripts/startup

and include the following lines

  set/var $main::reqreg = 1
  set/var $main::passwdreq = 0

The changes to this file will not take effect until there is a reboot, so we can activate it manually the first time from the console by typing

  set/var $main::reqreg = 1
  set/var $main::passwdreq = 0