The work is based on labs and exercises from previous offerings of CSCI 363.
In this lab you will create a pair of programs that mimic the behavior of Linux login server and client. You will be given a set of source programs as a starting point. One of the programs, login.c asks the user to enter a user name and a corresponding password. The program checks the validity of the user name and password against a given database. If the user name and password matches properly, the program starts a user shell with which the user can do any Linux work. The other two programs are a pair of remote login client and server rshd.c and rshClient.c, some of the functions are implemented in a separate file called rsh.c. This set of programs allow a user to remote log into a server without any authentication. Your task is to try these programs first, then read the programs to understand the process. Finally you will revise the programs such that the remote login server will ask for user name and password for authentication. Only the users with proper credentials can log onto the remote server.
You first do the following to gain some first-hand experiences.
~cs363/Spring13/student/labs/lab10/
into your lab10 directory.make
. A number of executables will be generated. The program
mlogin allows a user to enter a user name and a password to use a shell on a local Linux system. The program rshd is a server program that allows a user to get into a remote system without password. The program loginClient is a client program that will connect to a host that is running rshd. The program
mypasswd is a program that allows you to create a password
for an existing system user. You also should see two text files called
passwd and shadow which is a faked password file and a faked shadow file. The use of these files will become clear as we move on the lab exercises.man -s 5 passwd
if you are not sure how the file is structured. You then set a password for the account you just added to the passwd file by the command
host% mypasswd userwhere user is a user name that is in the passwd file. The program will ask you for a password. Note that this is a faked password. Don't enter your real password. This faked password is stored in a shadow file in your current directory.
We describe some basic ideas here. There are three major components in this set of programs.
rshd
waits on a particular port for clients
to connect. Once it receives and accepts a connection request, it
spawns a child either using a thread, or forking a new process to
service the client.getpwnam()
and getspnam()
. We created a pair of faked system calls because on our Linux systems, we no longer use the passwd and shadow files to check user credentials. But the essential concepts are the same. Read manual pages on getpwnam()
and getspnam()
to gain some basic understanding of this concept.You will develop a set of remote login service program using the two existing pairs of programs. The remote login service should check the validity of the user name and password combination. If the user is valid, the program provides a shell service to the remote client. If the user is invalid, the program simply ignores the request and prompt the user for next trial if so chose by the user, just like any Linux systems would do. The user credential files passwd and shadow reside on the server side.
Note that the user name and password sent to the remote server are in plain text. So the service is not secure. In order to make a secure service, we need to use Secure Sockets Layer or SSL protocol, which we will explore later.
When you finish the lab, clean up the directory, submit all files to Gitlab.
Congratulations! You just finished this lab.