Author Topic: Multiple rcon passwords (Read 3097 times)

Posts · « **on:** September 26, 2008, 06:26:23 pm »

accountability, tracing the leaks.

If you have a popular server you are going to have lots of admins, and you may not even own the server(you are just root), inevitably many careless people will end up with the rcon password

When someone from an unknown IP connects with the same rcon password many others use and bans everyone, its hard to take corrective action.

server.cfg:
rcon_password_clear
rcon_password_add "pass1" "bob"
rcon_password_add "pass2" "john"

server log:
rcon 123.123.123.123 bob: status
rcon 123.123.123.123 bob: say hi
rcon 223.223.223.223 john: status

backwards compatibility:
keep rcon_password
authenticating from 3rd party tool will be the same, except there will be multiple valid passwords

hardening:
don't let rcon contaminate this feature (this may conflict with a rcon can do anything philosophy)

kevlarman · « **Reply #1 on:** September 26, 2008, 06:54:27 pm »

you shouldn't give out the rcon password to enough people that it matters, rconpasswords are transmitted as plaintext, and shouldn't be relied upon anyway.

Paradox · « **Reply #2 on:** September 26, 2008, 10:06:06 pm »

Get SSH

Posts · « **Reply #3 on:** September 26, 2008, 10:17:35 pm »

mmm, i agree, bad idea, but at the moment it seemed great

doomagent13 · « **Reply #4 on:** September 28, 2008, 07:03:21 pm »

This is why the admin system was created: so you DONT have to give out the rcon password.

Tremulous Forum

News:

Author Topic: Multiple rcon passwords (Read 3097 times)

Posts

Multiple rcon passwords

kevlarman

Re: Multiple rcon passwords

Paradox

Re: Multiple rcon passwords

Posts

Re: Multiple rcon passwords

doomagent13

Re: Multiple rcon passwords