> We have our main shell machine set up as the default host, and if a person
> logs into the pm with (win95 examples here) hyperterm, they get
> automatically "rloginned" to that machine, and use shell to their heart's
> content. If they dial in with dialup networking, they authenticate using
> PAP, and go on their merry web-way. No Puser, no Suser (lots of Lusers tho'
> ;-) ), everyone seems happy. Did I just hit on a magical solution, or am I
> in the dark on some big problem with doing things that way?
We're doing the same thing here. People with PPP or PPP/shell accounts
automatically get a PPP session when they dialin. People with shell only
get rlogin'd to the shell machine. The assumption is if that someone
wants PPP _and_ shell, that they always want a PPP session started & they
can then telnet in to the shell machine.
If you ask for a PPP account, you will ostensibly be using it from
someplace that supports PPP, so we don't bother with any of the
prefix/suffix stuff. I suppose you could say what if someone with a PPP
account might want to dial in from some old computer with just a terminal
program? Not to sound flippant, but if they wanted a direct shell
dialup they should have asked for it in the first place. I suppose we
could implement the prefix thing for just people with PPP/shell accounts,
but no one's asked for that yet.
In any case, are there any major problems with this? It seems, no, it
IS, incredibly easy for us to maintain (especially with default rules in
place) and makes more sense as well.
shag
Judd Bourgeois | When we are planning for posterity,
shagboy@thecia.net | we ought to remember that virtue is
Finger for PGP key | not hereditary. Thomas Paine