Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Login using telnet localhost 4242 in a ScarletDME instance produced using the new installer.

116 views
Skip to first unread message

Luca Masini

unread,
Nov 11, 2023, 10:30:41 AM11/11/23
to ScarletDME
I have installed ScarletDME using " ScarletDME installer" from https://github.com/dmontaine/ScarletDME64_Installer on a Linux-Mint-21-Victoria box.

I did this test

  1) run qm in the home directory of my user (/home/aigor)    ->  OK
  2) telnet localhost 4242                                    ->  FAIL

The telnet file with following messages

****  [BEGIN-TELNET-SNIPPET]  ****

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
[ ScarletDME Rev 2.6-6   Copyright Ladybridge Systems, 2007 ]

Welcome to ScarletDME!  Multi-Value for the masses, not the classes.
This program is free software and is supplied with ABSOLUTELY NO WARRANTY.
You are welcome to modify or redistribute this software subject to certain
conditions.  For details type CONFIG GPL.

Telnet connection from 0.0.0.0
Username: aigor
Password: *********

Invalid username or password

****  [END-TELNET-SNIPPET]  ****



So I gave this command in a ScarletDME session running as ADMIN

  SECURITY OFF

Then I telnet again

  3) telnet localhost 4242                                    ->  OK

****  [BEGIN-TELNET-SNIPPET]  ****

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
[ ScarletDME Rev 2.6-6   Copyright Ladybridge Systems, 2007 ]

Welcome to ScarletDME!  Multi-Value for the masses, not the classes.
This program is free software and is supplied with ABSOLUTELY NO WARRANTY.
You are welcome to modify or redistribute this software subject to certain
conditions.  For details type CONFIG GPL.

Telnet connection from 0.0.0.0
Account: AIGOR
:

****  [END-TELNET-SNIPPET]  ****


I think the problem is in the LOGIN and/or _LOGIN programs more or less here:

[BEGIN-SNIPPET-FROM-LINE-314-OF-LOGIN]
               if lgn.id[1,1] # '$' then   ;* Names cannot start with $
                  if login(lgn.id, password) then
                     logname = lgn.id

                     * Get any saved account data for this user

                     read lgn.rec from lgn.f, lgn.id else
                        if security.rec<1> then
                           * To get here, we must be running an NT or Linux
                           * system, the user is not in the $LOGINS register and
                           * the security system is on. Reject this connection.

                           display sysmsg(5009) ;* This user is not registered for QM use
                           goto terminate.connection
                        end
                     end

                     exit
                  end
               end

               display sysmsg(5017) ;* Invalid username or password
               sleep 3
[END-SNIPPET-FROM-LINE-314-OF-LOGIN]

I suppose that the call to "login(lgn.id, password)" in the second line of the snippet
refers to the function login defined in _LOGIN

[BEGIN-SNIPPET-FROM-_LOGIN]

* _LOGIN
* Check username and password using own validation system.

[END-SNIPPET-FROM-_LOGIN]

I suppose that this login function is not integrated with the validation system of Linux.

I don't know how to fix this (but I can work this around by disabling the security).

Can someone with more expertise take a look at this?

MfG

Luca.

geneb

unread,
Nov 11, 2023, 11:31:54 AM11/11/23
to scarl...@googlegroups.com
On Sat, 11 Nov 2023, Luca Masini wrote:

> I have installed ScarletDME using " ScarletDME installer" from
> https://github.com/dmontaine/ScarletDME64_Installer on a
> Linux-Mint-21-Victoria box.
>
> I did this test
>
> 1) run qm in the home directory of my user (/home/aigor) -> OK
> 2) telnet localhost 4242 -> FAIL
>
> The telnet file with following messages
>
> **** [BEGIN-TELNET-SNIPPET] ****
>
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> [ ScarletDME Rev 2.6-6 Copyright Ladybridge Systems, 2007 ]
>
> Welcome to ScarletDME! Multi-Value for the masses, not the classes.
> This program is free software and is supplied with ABSOLUTELY NO WARRANTY.
> You are welcome to modify or redistribute this software subject to certain
> conditions. For details type CONFIG GPL.
>
> Telnet connection from 0.0.0.0
> Username: aigor
> Password: *********


Luca, in order for that login mechanism to work, you'll need to create an
account within ScarletDME.

g.

--
Proud owner of F-15C 80-0007
http://www.f15sim.com - The only one of its kind.
http://www.diy-cockpits.org/coll - Go Collimated or Go Home.
Some people collect things for a hobby. Geeks collect hobbies.

ScarletDME - The red hot Data Management Environment
A Multi-Value database for the masses, not the classes.
http://scarlet.deltasoft.com - Get it _today_!

Luca Masini

unread,
Nov 11, 2023, 6:15:33 PM11/11/23
to ScarletDME
geneb, what you mean with

 > in order for that login mechanism to work, you'll need to create an account within ScarletDME.
?

I'm a novice with Scarled DME....

I did these steps inside a new VirtualBox VM prepared just for Scarlet DME
(I still was not able to login with security on and the DELETE.USER command ruined the /home/aigor home directory)

1. Starting the VirtualBox VM from snapshot after ScarletDME installation

  1.1 Home directory of user aigor
        aigor@aigor-mint-victoria:~$ ls -l
        total 36
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Desktop
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Documents
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Downloads
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Music
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Pictures
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Public
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Templates
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29 Videos
        drwxrwxr-x 3 aigor aigor 4096 Nov 11 00:57 workspace

  1.2 Create the aigor account
        :SECURITY
        System security is enabled
        :CREATE.ACCOUNT aigor /home/aigor
        Creating VOC...
        Creating $HOLD...
        Creating $SAVEDLISTS...
        Creating private catalogue directory...
        Adding to register of accounts...

  1.3 Home directory of user aigor (after creation of the account)
        aigor@aigor-mint-victoria:~$ ls -l
        total 56
        drwxr-xr-x 2 root  root  4096 Nov 11 23:56 '$HOLD'
        drwxr-xr-x 2 root  root  4096 Nov 11 23:56 '$HOLD.DIC'
        drwxr-xr-x 2 root  root  4096 Nov 11 23:56 '$SVLISTS'
        drwxr-xr-x 2 root  root  4096 Nov 11 23:56  cat
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Desktop
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Documents
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Downloads
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Music
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Pictures
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Public
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Templates
        drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Videos
        drwxr-xr-x 2 root  root  4096 Nov 11 23:56  VOC
        drwxrwxr-x 3 aigor aigor 4096 Nov 11 00:57  workspace

  1.4 Now try to connect via telnet
        aigor@aigor-mint-victoria:~$ telnet localhost 4242

        Trying 127.0.0.1...
        Connected to localhost.
        Escape character is '^]'.
        [ ScarletDME Rev 2.6-6   Copyright Ladybridge Systems, 2007 ]

        Welcome to ScarletDME!  Multi-Value for the masses, not the classes.
        This program is free software and is supplied with ABSOLUTELY NO WARRANTY.
        You are welcome to modify or redistribute this software subject to certain
        conditions.  For details type CONFIG GPL.

        Telnet connection from 0.0.0.0
        Username: aigor
        Password: *********

        Invalid username or password

  1.5 Now delete the aigor account
      :DELETE.ACCOUNT aigor
      Delete directory /home/aigor (Y/N)? Y

  1.6 Home directory of user aigor (after the delet)
      aigor@aigor-mint-victoria:~$ ls -l
      total 20
      drwxr-xr-x 2 root  root  4096 Nov 11 23:56 '$HOLD.DIC'  <-- THIS IS STILL THERE
      drwxr-xr-x 2 root  root  4096 Nov 11 23:56 '$SVLISTS'   <-- THIS IS STILL THERE
      drwxr-xr-x 2 aigor aigor 4096 Nov 12 00:00  Desktop
      drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Downloads
      drwxr-xr-x 2 aigor aigor 4096 Nov 11 00:29  Videos
                                                              <-- DIRECTORY Documents AND OTHER VAPORIZED BY DELETE.ACCOUNT

  1.7 Restore the the VirtualBox VM from snapshot to undo the mess

MfG

Luca.
Message has been deleted

Donald Montaine

unread,
Nov 11, 2023, 8:08:37 PM11/11/23
to ScarletDME
You don't need telnet if you are working on the computer where qm is installed.  Just type "qm" where you want the account to be installed.
Qm will prompt "Current directory /home/<yourname> is not a valid account. Create account?"  If I want multiple accounts, I can create 3 directories under my Linux home directory.  I have qm1, qm2 and qm3.  The account name will be the same as the name of the directory.  So opening 3 terminal sessions, changing to the appropriate directory and typing qm, I can have each terminal session logged in as a different user.

Here is the text regarding telnet from the documentation for 2.6.6:

"On other platforms (Linux), network users will always be required to enter a valid username and password
known to the operating system. Furthermore, if security is enabled, this username must also be in
QM's own register of usernames. It is inserted into the register using the CREATE.USER or
ADMIN.USER commands. If security is not enabled, any user with a valid operating system
username will be able to make a direct network connection to QM."

Personally, on LinuxI have never used  telnet (as it is not secure in transit) or security (the built in Linux account security is enough).  For a local user, their home directory is also their qm account directory.  For remote users, I have always used SSH and at login the user is in their home directory.  Typing "qm" will log them in to their account (or you can have them logged into qm automatically and then logged out when their qm session ends by writing bash scripts or entering command sat the end of .profile (for Ubuntu).  That way they never see the Linux shell at all.

Bo Wang

unread,
Nov 13, 2023, 8:28:22 PM11/13/23
to ScarletDME
Hi Luca, 
I tried to login using telnet localhost 4242 with  SECURITY, and it works fine, I can't reproduce the issue you met. 
For the DELETE.ACCOUNT command, I think you'd better to CREATE.ACOUNT with another directory as Donald says, that would work fine.
Bo

Nextjob

unread,
Nov 14, 2023, 5:19:26 AM11/14/23
to scarl...@googlegroups.com

Also a possibility, updated password encoding for newer distributions.


See conversation titled:


“Scarlet/openQM 2.6-6 becomes incompatible with Debian Squeeze”


Last post in thread:


“It appears the password issue is back again with Debian 11 / Ubuntu 22.04. The new default password encoding is yescrypt.”



--
You received this message because you are subscribed to the Google Groups "ScarletDME" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scarletdme+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/scarletdme/eac72025-1250-447b-95fd-1fd7d50bab9an%40googlegroups.com.

Luca Masini

unread,
Nov 17, 2023, 2:41:05 PM11/17/23
to ScarletDME
The suggestion to look at the conversation titled “Scarlet/openQM 2.6-6 becomes incompatible with Debian Squeeze” was very helpful.
I was able to login with telnet and security enabled after changing the file /etc/pam.d/common-password to use MD5 encoding for the password hash.

MfG
Luca.

PS: I was not able to change the source file linuxio.c to correctly use yescrypt encoding.

Nextjob

unread,
Nov 30, 2023, 9:38:58 PM11/30/23
to ScarletDME
Pull request submitted (#71), fix login_user to recognize  yescrypt passwords
Reply all
Reply to author
Forward
0 new messages