On Mon, May 16, 2005 at 07:46:20PM +0200, sebastien_at_bombal.org wrote:
> bulma:/vice/auth2# id codaroot
> uid=1001(codaroot) gid=100(users) groups=100(users)
> 
> Here some log of auth2 with -x 4
> 
> 19:39:39 Server successfully started
> 19:39:47        vid = 1001
> 19:39:47 Authentication failed for "codaroot" from 192.168.23.9:32799
> 
> The documentation I read, explain that auth2 uses PAM to get password. Is it 
> true ?

No it does not, we keep our passwords separate from the system passwords.

For one, normal Coda users typically are are not allowed to access the
Coda server machines. Keeping the user/group and password databases
separate makes this simple. But we also don't totally trust the security
of the password exchange completely since we don't use strong
cryptography, but just a simple (proof-of-concept) XOR scramble. So it
is better to be on the safe side by not using system passwords for Coda
authentication.

The codaadmin/codaroot password is initially set to 'changeme'. This
temporary password was shown during the vice-setup process after the
admin user account was created.

Jan