Annotation of src/etc/login.conf, Revision 1.10
1.10 ! deraadt 1: # $OpenBSD: login.conf,v 1.9 2001/08/09 15:45:24 millert Exp $
1.1 millert 2:
3: #
4: # Sample login.conf file. See login.conf(5) for details.
5: #
6:
1.7 millert 7: #
8: # Standard authentication types:
9: #
10: # krb4-or-pwd First try Kerberos IV password, then local password file
11: # krb5-or-pwd First try Kerberos V password, then local password file
12: # passwd Use only the local password file
13: # krb4 Use only the Kerberos IV password
14: # krb5 Use only the Kerberos V password
15: # chpass Do not authenticate, but change users password (change
16: # the kerberos password if the user has one, else change
17: # the local password)
18: # lchpass Do not login; change user's local password instead
1.8 millert 19: # radius Use radius authentication
1.7 millert 20: # skey Use S/Key authentication
21: # activ ActivCard X9.9 token authentication
22: # crypto CRYPTOCard X9.9 token authentication
23: # snk Digital Pathways SecureNet Key authentication
24: # token Generic X9.9 token authentication
25: #
1.4 millert 26:
1.7 millert 27: # Default authentication methods (krb4-or-pwd by default)
1.9 millert 28: auth-defaults:auth=krb4-or-pwd,krb4,krb5-or-pwd,krb5,passwd,skey,activ,crypto,snk,chpass,lchpass,token:
1.4 millert 29:
1.7 millert 30: # Default authentication methods for ftp (krb4-or-pwd by default)
1.9 millert 31: auth-ftp-defaults:auth-ftp=krb4-or-pwd,krb4,krb5-or-pwd,krb5,passwd,skey,activ,crypto,snk,token:
1.7 millert 32:
1.10 ! deraadt 33: #
1.7 millert 34: # The default values
35: # To alter the default authentication types change the line:
36: # :tc=auth-defaults:\
37: # to be read something like: (enables passwd, "myauth", and activ)
38: # :auth=passwd,myauth,activ:\
1.1 millert 39: # Any value changed in the daemon class should be reset in default
40: # class.
41: #
42: default:\
43: :path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin:\
44: :umask=022:\
1.2 millert 45: :datasize-max=256M:\
46: :datasize-cur=64M:\
1.1 millert 47: :maxproc-max=128:\
48: :maxproc-cur=64:\
49: :openfiles-cur=64:\
1.4 millert 50: :stacksize-cur=4M:\
1.5 millert 51: :localcipher=blowfish,6:\
52: :ypcipher=old:\
1.4 millert 53: :tc=auth-defaults:\
54: :tc=auth-ftp-defaults:
1.1 millert 55:
56: #
57: # Settings used by /etc/rc and root
58: # This must be set properly for daemons started as root by inetd as well.
59: # Be sure reset these values back to system defaults in the default class!
60: #
61: daemon:\
62: :ignorenologin:\
63: :datasize=infinity:\
64: :maxproc=infinity:\
65: :openfiles-cur=128:\
66: :stacksize-cur=8M:\
1.5 millert 67: :localcipher=blowfish,8:\
1.1 millert 68: :tc=default:
69:
70: #
71: # Staff have fewer restrictions and can login even when nologins are set.
72: #
73: staff:\
74: :datasize-cur=64M:\
75: :datasize-max=infinity:\
1.3 millert 76: :maxproc-max=256:\
77: :maxproc-cur=128:\
1.1 millert 78: :ignorenologin:\
79: :requirehome@:\
80: :tc=default: