Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

"Life sucks, but death doesn't put out at all...." -- Thomas J. Kopp


computers / Rocksolid Nodes Help / [rslight] Enforce Authenticated NNTP Access?

SubjectAuthor
* [rslight] Enforce Authenticated NNTP Access?SugarBug
`* Re: [rslight] Enforce Authenticated NNTP Access?Retro Guy
 `* Re: [rslight] Enforce Authenticated NNTP Access?SugarBug
  `* Re: [rslight] Enforce Authenticated NNTP Access?Retro Guy
   `* Re: [rslight] Enforce Authenticated NNTP Access?Retro Guy
    `- Re: [rslight] Enforce Authenticated NNTP Access?Retro Guy

1
[rslight] Enforce Authenticated NNTP Access?

<cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1030&group=rocksolid.nodes.help#1030

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: 3883@sugar.bug (SugarBug)
Newsgroups: rocksolid.nodes.help
Subject: [rslight] Enforce Authenticated NNTP Access?
Date: Mon, 11 Mar 2024 00:07:31 +0000
Organization: Baggy Jeans Mafia (sybershock.com)
Message-ID: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="1565160"; mail-complaints-to="usenet@i2pn2.org";
posting-account="yZybWhCr+jI4C3MuGpPde+DhCwsjQrVZrsCOigcx7fM";
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Newsreader: 3883.7766
 by: SugarBug - Mon, 11 Mar 2024 00:07 UTC

I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.

Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?

I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.

--
3883@sugar.bug | sybershock.com | alt.sources.crypto | sci.crypt

Re: [rslight] Enforce Authenticated NNTP Access?

<ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1031&group=rocksolid.nodes.help#1031

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@novabbs.org (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: [rslight] Enforce Authenticated NNTP Access?
Date: Sun, 10 Mar 2024 17:15:49 -0700
Organization: Rocksolid Light
Message-ID: <ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org>
References: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="1566028"; mail-complaints-to="usenet@i2pn2.org";
posting-account="PGd4t4cXnWwgUWG9VtTiCsm47oOWbHLcTr4rYoM0Edo";
User-Agent: 40tude_Dialog/2.0.15.41
X-Spam-Checker-Version: SpamAssassin 4.0.0
 by: Retro Guy - Mon, 11 Mar 2024 00:15 UTC

On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:

> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>
> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>
> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.

That feature does not exist, but I can add it. It's a good feature as long
as there is a config toggle to turn it on or off.

Right now you can read without auth, but auth is required for posting. At
least it's meant to be that way unless you're seeing otherwise.

At first, I would just require auth for all groups. We could add a config
array after that to allow some groups but it's just more work.

I'll take a look at starting on this in a couple of days.

Re: [rslight] Enforce Authenticated NNTP Access?

<cebcc51dc8820099df91651ccddfde33$1@sybershock.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1032&group=rocksolid.nodes.help#1032

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: 3883@sugar.bug (SugarBug)
Newsgroups: rocksolid.nodes.help
Subject: Re: [rslight] Enforce Authenticated NNTP Access?
Date: Mon, 11 Mar 2024 01:41:38 +0000
Organization: Baggy Jeans Mafia (sybershock.com)
Message-ID: <cebcc51dc8820099df91651ccddfde33$1@sybershock.com>
References: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com>
<ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="1571075"; mail-complaints-to="usenet@i2pn2.org";
posting-account="yZybWhCr+jI4C3MuGpPde+DhCwsjQrVZrsCOigcx7fM";
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Newsreader: 3883.7766
 by: SugarBug - Mon, 11 Mar 2024 01:41 UTC

On Sun, 10 Mar 2024 17:15:49 -0700
Retro Guy <retroguy@novabbs.org> wrote:

> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>
> > I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
> >
> > Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
> >
> > I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>
> That feature does not exist, but I can add it. It's a good feature as long
> as there is a config toggle to turn it on or off.
>
> Right now you can read without auth, but auth is required for posting. At
> least it's meant to be that way unless you're seeing otherwise.
>
> At first, I would just require auth for all groups. We could add a config
> array after that to allow some groups but it's just more work.
>
> I'll take a look at starting on this in a couple of days.

Great! I'll check back probably by the weekend and test it.

--
3883@sugar.bug | sybershock.com | alt.sources.crypto | sci.crypt

Re: [rslight] Enforce Authenticated NNTP Access?

<cb758ad2e2202d0779e17e48c3d0cdc2$1@www.novabbs.org>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1033&group=rocksolid.nodes.help#1033

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@novabbs.org (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: [rslight] Enforce Authenticated NNTP Access?
Date: Sun, 10 Mar 2024 20:05:37 -0700
Organization: Rocksolid Light
Message-ID: <cb758ad2e2202d0779e17e48c3d0cdc2$1@www.novabbs.org>
References: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com> <ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org> <cebcc51dc8820099df91651ccddfde33$1@sybershock.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Injection-Info: i2pn2.org;
logging-data="1576501"; mail-complaints-to="usenet@i2pn2.org";
posting-account="PGd4t4cXnWwgUWG9VtTiCsm47oOWbHLcTr4rYoM0Edo";
User-Agent: 40tude_Dialog/2.0.15.41
X-Spam-Checker-Version: SpamAssassin 4.0.0
 by: Retro Guy - Mon, 11 Mar 2024 03:05 UTC

On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

> On Sun, 10 Mar 2024 17:15:49 -0700
> Retro Guy <retroguy@novabbs.org> wrote:
>
>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>
>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>
>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>
>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>
>> That feature does not exist, but I can add it. It's a good feature as long
>> as there is a config toggle to turn it on or off.
>>
>> Right now you can read without auth, but auth is required for posting. At
>> least it's meant to be that way unless you're seeing otherwise.
>>
>> At first, I would just require auth for all groups. We could add a config
>> array after that to allow some groups but it's just more work.
>>
>> I'll take a look at starting on this in a couple of days.
>
> Great! I'll check back probably by the weekend and test it.

I have it working now, but I'll do some more testing before I push it to
gitlab. It was pretty simple.

Re: [rslight] Enforce Authenticated NNTP Access?

<1fc46c655f43fdf636c5b03fe4d7b2bb@www.rocksolidbbs.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1034&group=rocksolid.nodes.help#1034

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@novabbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: [rslight] Enforce Authenticated NNTP Access?
Date: Mon, 11 Mar 2024 10:19:08 +0000
Organization: RetroBBS
Message-ID: <1fc46c655f43fdf636c5b03fe4d7b2bb@www.rocksolidbbs.com>
References: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com> <ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org> <cebcc51dc8820099df91651ccddfde33$1@sybershock.com> <cb758ad2e2202d0779e17e48c3d0cdc2$1@www.novabbs.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org;
logging-data="1606832"; mail-complaints-to="usenet@i2pn2.org";
posting-account="qk6pvs/sIyKYNRNFdjVS+ghlZZkCUq7cWs+7p7kaLpU";
User-Agent: Rocksolid Light
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
X-Rslight-Site: $2y$10$GWF60HrKhW9jzMPvJfYm3.4l44lH6vjvZUF3Rtk.2Bkpa8rBxK2eG
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Posting-User: 470b25edab282a455f83b37c76e8728963cc19ae
 by: Retro Guy - Mon, 11 Mar 2024 10:19 UTC

Retro Guy wrote:

> On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

>> On Sun, 10 Mar 2024 17:15:49 -0700
>> Retro Guy <retroguy@novabbs.org> wrote:
>>
>>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>>
>>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>>
>>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>>
>>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>>
>>> That feature does not exist, but I can add it. It's a good feature as long
>>> as there is a config toggle to turn it on or off.
>>>
>>> Right now you can read without auth, but auth is required for posting. At
>>> least it's meant to be that way unless you're seeing otherwise.
>>>
>>> At first, I would just require auth for all groups. We could add a config
>>> array after that to allow some groups but it's just more work.
>>>
>>> I'll take a look at starting on this in a couple of days.
>>
>> Great! I'll check back probably by the weekend and test it.

> I have it working now, but I'll do some more testing before I push it to
> gitlab. It was pretty simple.

This commit has been pushed to gitlab:
https://gitlab.com/rslight-public/rocksolid-light

The changed file is $config_dir/scripts/rslight-lib.php

You need to enable this feature in overrides.inc.php by adding:

// Require authentication for all commands to nntp server
'nntp_full_auth_required' => true,

This will require auth for all commands to nntp server (not mode, authinfo or quit of course).

--
Retro Guy

Re: [rslight] Enforce Authenticated NNTP Access?

<77917d0f80fa884decb3ceece255a35a@www.rocksolidbbs.com>

  copy mid

https://news.novabbs.org/computers/article-flat.php?id=1039&group=rocksolid.nodes.help#1039

  copy link   Newsgroups: rocksolid.nodes.help
Path: i2pn2.org!.POSTED!not-for-mail
From: retroguy@novabbs.com (Retro Guy)
Newsgroups: rocksolid.nodes.help
Subject: Re: [rslight] Enforce Authenticated NNTP Access?
Date: Fri, 22 Mar 2024 23:26:02 +0000
Organization: RetroBBS
Message-ID: <77917d0f80fa884decb3ceece255a35a@www.rocksolidbbs.com>
References: <cc175a7eb5ea9b8fdcb446713d866942$1@sybershock.com> <ea643b44046d76ff95c6e01529095d48$1@www.novabbs.org> <cebcc51dc8820099df91651ccddfde33$1@sybershock.com> <cb758ad2e2202d0779e17e48c3d0cdc2$1@www.novabbs.org> <1fc46c655f43fdf636c5b03fe4d7b2bb@www.rocksolidbbs.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org;
logging-data="2888084"; mail-complaints-to="usenet@i2pn2.org";
posting-account="qk6pvs/sIyKYNRNFdjVS+ghlZZkCUq7cWs+7p7kaLpU";
User-Agent: Rocksolid Light
X-Rslight-Site: $2y$10$qbW3lNa7HLpEBEMlB52As.lMxxZ1T9q3WE4/39JPndIX5ZNIk15gy
X-Face: .&YR-G(w(DZ$$,}%k=]*5*!p'=(anr"IT`wZG'2VWdfl\r)l[42u7JH`n(JUQ*e5*A|XCDf
?&\X&uwkl38"CYX3O8m}C8E4p'%N$2#kSTVzx{Ly|DjLT\Vk7NE}NQ(VC$Yq]i:7|z[.9iv^g>*8_B
H0=hZt'[%)4kG|
X-Spam-Checker-Version: SpamAssassin 4.0.0
X-Rslight-Posting-User: 470b25edab282a455f83b37c76e8728963cc19ae
 by: Retro Guy - Fri, 22 Mar 2024 23:26 UTC

Retro Guy wrote:

> Retro Guy wrote:

>> On Mon, 11 Mar 2024 01:41:38 +0000, SugarBug wrote:

>>> On Sun, 10 Mar 2024 17:15:49 -0700
>>> Retro Guy <retroguy@novabbs.org> wrote:
>>>
>>>> On Mon, 11 Mar 2024 00:07:31 +0000, SugarBug wrote:
>>>>
>>>>> I would like to set up a rslight install that does not allow unauthenticated users to list groups or read articles.
>>>>>
>>>>> Is there a way to prevent anonymous NNTP reader access and require authentication to list newsgroups and issue commands?
>>>>>
>>>>> I am thinking along the lines of how Eternal September has their newsgroup access configured. A user must have an account to see the newsgroups or pull articles.
>>>>
>>>> That feature does not exist, but I can add it. It's a good feature as long
>>>> as there is a config toggle to turn it on or off.
>>>>
>>>> Right now you can read without auth, but auth is required for posting. At
>>>> least it's meant to be that way unless you're seeing otherwise.
>>>>
>>>> At first, I would just require auth for all groups. We could add a config
>>>> array after that to allow some groups but it's just more work.
>>>>
>>>> I'll take a look at starting on this in a couple of days.
>>>
>>> Great! I'll check back probably by the weekend and test it.

>> I have it working now, but I'll do some more testing before I push it to
>> gitlab. It was pretty simple.

> This commit has been pushed to gitlab:
> https://gitlab.com/rslight-public/rocksolid-light

> The changed file is $config_dir/scripts/rslight-lib.php

> You need to enable this feature in overrides.inc.php by adding:

> // Require authentication for all commands to nntp server
> 'nntp_full_auth_required' => true,

> This will require auth for all commands to nntp server (not mode, authinfo or quit of course).

Did this end up working for you?

--
Retro Guy


computers / Rocksolid Nodes Help / [rslight] Enforce Authenticated NNTP Access?

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor