[nos-bbs] Questions related to JNOS 1.11f

[Miroslav Skoric (YT7MPB)]

(Skip) K8RRA wrote:

> If you have configured all file access for users in /public and below
> then directories above /public are not accessible and jnos replies
> "permission denied".
> But the sysop has access to all files on the host - even outside jnos
> root directory.

Ok, let's see it once again. During the testing stage there are only two 
users of my JNOS. One is me, as the sysop (callsign YT7MPB-9) and the 
other is FBB for forwarding purposes (callsign YT7MPB). I added those 
two entries into 'ftpusers' file, both having a <password> value in 
there. Sysop's callsign has access to '/jnos' folder and bbs's callsign 
has access to '/public' folder (btw, I am not sure if the bbs should go 
to '/jnos/public' or just '/public' - any suggestion?). By default, new 
users were declared as "univperm" with no password ('*') and access to 
'/jnos/public'. I also noticed that some specific users, who may asked 
for password, may also have their entries here, with declared password 
of not '*'.

So far - so good. The question is the following: How to prevent anybody 
on the air to play with callsigns and to misuses either sysop's or 
forwarding bbs's callsign (which we, btw, have experienced here long ago)?

Besides that, in order to try something similar to what was implemented 
within FBB world (C_FILTER, PROTUS etc), I activated MD5 authentication 
in JNOS, added two new entries in 'rc' file and noticed that MD5 
challenge appears only in JNOS local console connection ('bbs' command) 
and during a telnet connection. Where it doesn't work yet is in AXIP 
channel (it even doesn't ask the forwarding bbs for its credentials) and 
I suppose the same will go over the AX25 radio channel.

Any opinion?

Regards,

Misko YT7MPB

PS: When experimenting with FBB-to-FBB connections, we even had 
encrypted password sent on the air. I don't insist on that - just wonder 
if it works in JNOS world.