Network Logins

[Mark Verber]

> Is there a way to set up workstations so that if a user types
> woo at woonext.dsrd.ornl.gov at login, the login procedure would open a
> telnet session to the machine described.  I'm looking for a way to
> allow people to walk up to a workstation in someone else's office
> allow them to access their own workstation without having to have an
> account opened or without letting them use a terminal window in
> another users open area.

It is possible to do this if you hack login... I have seem this sort
of function on DEC machine for an Internet<->DECnet gateway where you
can login as node::user and it makes a connection for you to the
remote machine.

I don't know anyone who has done this for anything but protocol
gateways though because it means that you are providing a way for
people to access the Internet without any controls (like an
uncontrolled Terminal server) which people could use to hide their
identity when hacking machines.

Within an orginization, the way many people handle this sort of thing
is to have a global account authentication (served by YP/NIS, Hesiod,
Apollo/Domain, etc) which does account validation accross the network.
You rely on peer pressure (and when necessary threats) to keep people
from abusing the prividge of using other people's workstations.

--mark