TZUTC: -0700   
   MSGID: 57835.sync_sys@1:103/705 2c68b12c   
   REPLY: 57834.sync_sys@1:103/705 2c689755   
   PID: Synchronet 3.21a-Linux master/a20ba6050 Apr 11 2025 GCC 12.2.0   
   TID: SBBSecho 3.24-Linux master/a20ba6050 Apr 11 2025 GCC 12.2.0   
   COLS: 80   
   BBSID: VERT   
   CHRS: CP437 2   
   NOTE: FSEditor.js v1.105   
     Re: rlogin.js -h[pepper]   
     By: xbit to Digital Man on Fri Apr 18 2025 09:35 am   
      
    >   Re: rlogin.js -h[pepper]   
    >   By: Digital Man to xbit on Sun Apr 13 2025 02:15 pm   
    >   
    >  >  xb>> Great update. Testing now on a few systems connected to Global War   
    >  >  xb>> Gate (rlogin server). So far so good.   
    >  >> Might have spoke too soon. When replacing the -p with -h a test caller   
    >  >> rloging into global war got the following:   
    >  >> Resolving hostname...   
    >  >> Invalid Logon   
    >  >> Password:   
    >  >> This test was from another BBS. My first tests was from my linux bbs to   
    >  >> windows bbs local.   
    >  DM> That would be expected if the user already had an account with their   
    >  DM> password from the client BBS. You would need to delete their user   
    >  DM> account so it can be recreated with the right hashed-password or just   
    >  DM> change the account password to match the hashed-password that was   
    >  DM> attempted.   
    >   
    > It sounds like the -s[tag] might need to be in play then? With out it, if a   
    > user first rlogs into the game and sync applies the pepper (hash) all is   
    > great. But if the user then wants to telnet via normal methods using the   
    > same user name they would need to know the long hashed password. Yes?   
      
   Yes.   
      
    > The -s[tag] would segregate a rlogin from a normal account. For example   
    > someone rlogging into xbit bbs from vert with a -s[vert] tag might look like   
    > [vert]xbit.   
    >   
    > I did some testing before the -s[tag] idea and got this error:   
    > FAILED Password attempt: 'testpass' expected:'7278D2BA..(long hash).   
    >   
    > Am i on the right path or not getting somthing? Thank you DM.   
      
   If you want the game server to also serve as a normal BBS (e.g. for Telnet/SSH   
   users), then yeah, you're going to need the user to know their own password.   
   It sounds like you're thinking a user that wanted to use the game server   
   function and the normal BBS function would need two user accounts on your   
   system, one with a tag and the other not (not ideal, but yes, viable).   
   --    
                                               digital man (rob)   
      
   Steven Wright quote #32:   
   The colder the x-ray table, the more of your body is required to be on it.   
   Norco, CA WX: 53.8øF, 82.0% humidity, 6 mph WSW wind, 0.00 inches rain/24hrs   
   --- SBBSecho 3.24-Linux   
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)   
   SEEN-BY: 103/13 705 105/81 106/201 124/5016 128/187 153/757 7715 154/10   
   SEEN-BY: 154/30 110 203/0 218/700 221/0 226/30 227/114 229/110 114   
   SEEN-BY: 229/206 317 400 426 428 470 550 700 705 240/1120 5832 263/1   
   SEEN-BY: 266/512 280/464 5003 5006 291/111 292/8125 301/1 320/219   
   SEEN-BY: 322/757 341/66 234 342/200 396/45 423/120 460/58 256 1124   
   SEEN-BY: 467/888 633/280 712/848 770/1 902/26 5020/400 8912 5054/30   
   SEEN-BY: 5075/35   
   PATH: 103/705 280/464 460/58 229/426