.TH AUTHDUMP 8 "August 2007" "OpenFWTK" .SH NAME authdup, authload \- dump and load authentication database information .SH SYNOPSIS .BI "authdump " "[> file]" .PP .BI "authload " "[< file]" .SH DESCRIPTION .B authdump dumps the contents of the authentication database to stdout or the specified file. .B authdump reads the database and displays the following information for each user: .RS .IP "\(bu" 4m user name .IP "\(bu" 4m longname .IP "\(bu" 4m groups .IP "\(bu" 4m password .IP "\(bu" 4m flags .IP "\(bu" 4m number of bad logins .IP "\(bu" 4m authentication protocol .IP "\(bu" 4m last authentication time .IP "\(bu" 4m time of last password change .RE .sp .B authload reads in a file of user information. If .B authload finds an existing record with a matching user name, it replaces the record with the new information. If .B authload does not find a matching record, it adds the information to the authentication database. .sp You can use .B authdump with your other UNIX administration tools to create regular backups of the authentication database. You can use .B authload to exchange information with other OpenFWTK firewalls (and, to some extent, with Gauntlet and TIS fwtk). See .BR authsrv(8) for more information on the authentication management system. .SH OPTIONS .SS Command Line Options None in this version. .I file Specifies the name of the file into which .B authdump places the records from the authentication database and .B authload reads the records that it places into the authentication database. .SS Configuration Options .B authdump and .B authload read configuration rules from the .IR "/usr/local/etc/netperm-table" . They read all rules using the .B authsrv keyword. .B authdump and .B authload read the .I netperm-table from top to bottom. If there are multiple rules in the table that could apply for a particular attribute, .B authdump and .B authload use the first one that they find. See .BR netperm-table(5) for a more complete explanation of .I netperm-table syntax and precedence. .PP .B authdump and .B authload recognize the following attributes: .TP .BI "database" " path" Specifies the pathname of the database that .B authdump or .B authload uses. .SH EXAMPLES This example shows the configuration lines in the .I netperm-table that indicate that .B authdump and .B authload use the database in .I /usr/local/etc/fw-authdb : .sp 1 .nf .na .RS authsrv: database /usr/local/etc/fw-authdb .RE .fa .fi .sp 1 This example shows the output from .B authdump : .sp 1 .nf .na .RS user=fwadmin longname= group= pass=* flags=2 bad_count=0 proto=s last=832619508 user=scooter longname=Scooter Lindley group= pass=160 270 203 065 022 034 232 162 flags=0 bad_count=0 proto=d last=832619427 .RE .fa .fi .sp 1 .SH FILES .IP /usr/local/etc/netperm-table The network permissions file contains configuration information for the Firewall Toolkit, including .BR authdump . .SH BUGS OpenFWTK's .BR authdump and .BR authload are not fully compatible with TIS firewalls (fwtk and Gauntlet). The differences are: .IP "\(bu" 4m OpenFWTK allows multiple groups per user, while TIS firewalls allow only one. .IP "\(bu" 4m OpenFWTK stores s/key and SecurID hashes inside main authentication database, while TIS firewalls use external ones. .PP It means that: .PP .IP "\(bu" 4m It is not possible to keep SecurID and s/key authentication data when using .BR authdump / authload to migrate from TIS firewalls to OpenFWTK. .IP "\(bu" 4m It is not possible to export OpenFWTK authentication database and to load it into TIS firewalls, as TIS version of authload won't accept data format which differs from their own, even if no extended features are used. .PP Report bugs to the fwtk-users mailing list. Include a complete example, explaining what you expected to happen and what actually happened. Be sure to indicate the type of system (operating system, hardware, etc.) you are using, as well as the version of .B authdump or .B authload . .SH AUTHOR Alexei Kravchuk. .SH SEE ALSO .BR netperm-table "(5), " rc "(8), "authsrv "(8)"