AUTH(5) AUTH(5)
NAME
auth - file system authentication
SYNOPSIS
Tauth tag[2] fid[2] uid[28] chal[36]
Rauth tag[2] fid[2] chal[30]
DESCRIPTION
The auth message is used to authorize a connection. It is
issued before an attach. Fid and uid are the same as for
attach.
The chal field of a Tauth message contains a 36-byte string
encrypted with the client's authentication key. The
(decrypted) string contains a byte with value 1, a seven
byte client challenge, and the server's name NUL-padded to
28 (NAMELEN) bytes.
The chal field of the Rauth reply message is also encrypted
with the client's key. The decrypted string contains a byte
with value 4, the client's challenge, a seven byte ticket
key, and a fifteen byte ticket. The ticket is placed in the
auth field of a subsequent attach message to validate a con-
nection.
The ticket key is currently unused. It may one day be used
to encrypt subsequent communication with the server.
These messages are also documented in the section of auth(6)
describing the fsauth protocol.
If a server does not perform authentication, it should
return an Rerror when it receives an auth.
ENTRY POINTS
Mount (see bind(2)) generates an auth transaction to the
remote file server. When the kernel boots, an auth is made
to the requested file server machine.
SEE ALSO
auth(6)
Page 1 Plan 9 (printed 11/17/24)