• 2fa auth

    From Embalmed@21:4/166 to All on Tue Mar 17 20:14:08 2020
    So I have the 2fa authentication in my prelogin.

    Works great, except that if you just hit enter a bunch of times(aka don't
    fill out a proper code)
    it then drops out and says something like this didn't work would you like to send a notification to Embalmed. I say no, it says something about trying again, but it just moves on like I successfully authenticated.

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Embalmed@21:4/166 to All on Wed Mar 18 23:50:25 2020
    So I have the 2fa authentication in my prelogin.

    Works great, except that if you just hit enter a bunch of times(aka don't fill out a proper code)
    Anyone know how to fix this? It says it was unable to authenticate me and to try again, but then it just moves on in the prelogin process. How do I keep the user from continuing until 2fa is completed if it is enabled for their account?

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Analog@21:2/123 to Embalmed on Mon Mar 23 07:40:11 2020
    Anyone know how to fix this? It says it was unable to authenticate me
    and to try again, but then it just moves on in the prelogin process.
    How do I keep the user from continuing until 2fa is completed if it is enabled for their account?

    Embalmed,

    Which mod are you referring to? The dPR 2FA?

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Analog@21:2/123 to Embalmed on Mon Mar 23 07:47:50 2020
    Anyone know how to fix this? It says it was unable to authenticate m and to try again, but then it just moves on in the prelogin process. How do I keep the user from continuing until 2fa is completed if it i enabled for their account?

    If it is the dPR mod, you need to change:
    hangup = True
    in the script

    Otherwise, it won't hangup and allow you to continue on. That's mainly there for debugging or testing.

    Cheers,

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Embalmed@21:4/166 to Analog on Mon Mar 23 14:08:40 2020
    If it is the dPR mod, you need to change:
    hangup = True
    in the script

    Otherwise, it won't hangup and allow you to continue on. That's mainly there for debugging or testing.

    AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure
    how I missed that setting. It does indeed hangup with hangup = True, that is exactly what I needed.

    <3

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Nitro@21:1/190 to Embalmed on Mon Mar 23 16:32:01 2020
    AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
    True, that is exactly what I needed.

    Greetings sorry to butt in, where can I find this mod? I would like to
    install it??

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)
    * Origin: Abacus BBS (21:1/190)
  • From Embalmed@21:4/166 to Nitro on Mon Mar 23 16:37:34 2020
    Greetings sorry to butt in, where can I find this mod? I would like to install it??
    I have it on my BBS in the SciNet: BBS Mods file area. I am sure it's
    floating around elsewhere it's dpr_2fa

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Analog@21:2/123 to Embalmed on Mon Mar 23 18:21:05 2020
    AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
    True, that is exactly what I needed.
    No problem brother. I wrote that so if you have any issues, check the documentation or email me at dpr@deadbeatz.org (for dPR related stuff).

    Cheers,

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Analog@21:2/123 to Nitro on Mon Mar 23 18:41:37 2020
    Greetings sorry to butt in, where can I find this mod? I would like to install it??

    Nitro,

    You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods.
    I think it's even on Fidonet somewhere but that place is a mess.

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Nitro@21:1/190 to Analog on Mon Mar 23 17:50:46 2020
    You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods. I think it's even on Fidonet somewhere but that place is a mess.

    Thank you I will have a look there, I could not connect to blacklodgeresearch.org:4022 for some reason

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Nitro@21:1/190 to Analog on Mon Mar 23 17:58:54 2020
    You can find any dPR mods in FSX Mystic Mods file area or on SciNet BBS Mods. I think it's even on Fidonet somewhere but that place is a mess.

    Thats right I cant login to your bbs as I dont have a code and have not been validated?

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Alpha@21:4/158 to Embalmed on Tue Mar 24 01:02:09 2020
    AHHHHH! Thank you Analog, I have been annoyed by that for weeks, not sure how I missed that setting. It does indeed hangup with hangup =
    True, that is exactly what I needed.

    Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing
    in from an unrecognized IP address? Thanks in advance for educating me :)

    |08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

    --- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
    * Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)
  • From Nitro@21:1/190 to Alpha on Mon Mar 23 18:37:47 2020
    Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing in from an unrecognized IP address? Thanks in advance for educating me :)

    mystic has a built in validator? where might i find that?

    Regards,
    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Embalmed@21:4/166 to Nitro on Mon Mar 23 22:31:17 2020
    Thank you I will have a look there, I could not connect to blacklodgeresearch.org:4022 for some reason

    Odd, it's definitely up, you can use the ftweb client also from https://blacklodgeresearch.org/bbs

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Embalmed@21:4/166 to Alpha on Mon Mar 23 22:33:23 2020
    Question: how does this differ from using mystic's built-in email validator (e.g. for new users)? Does it trigger validation when the user is signing in from an unrecognized IP address? Thanks in advance for educating me :)

    this is on top of email validation, there is a different flag for whether a user has enrolled in 2factor. If it's setup on the account it will hangup
    (as long as hangup=True as Analog pointed out) and not let a user login. It also gives the option to send a mail to the sysop if for some reason they
    can't login and need to send a message (like they lost their phone or
    whatever)

    So basically it's opt-in second layer of required authentication

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Embalmed@21:4/166 to Nitro on Mon Mar 23 22:37:09 2020
    mystic has a built in validator? where might i find that?

    Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
    Action List Access Data
    -Y Ask Yes/No (default Y !s20!OV Validate Email Address?
    -V Validate e-mail address OK|OV 20


    I have that in my prelogin

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Nitro@21:1/190 to Embalmed on Mon Mar 23 23:01:26 2020
    Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
    Action List Access Data

    So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Alpha@21:4/158 to Nitro on Tue Mar 24 03:30:48 2020
    mystic has a built in validator? where might i find that?

    There was actually a thread here quite recently that out lined the steps (I just used it to set it up on my BBS!). I think it was called "email
    validation" or something...

    A few simple steps:

    Setting up SMTP in Servers > General Options (not Configure Servers section). FYI mystic uses "sysop@<your domain>.com" as the SMTP address, make sure that address exists on your SMTP server (e.g. Gmail or whatever).

    BTW - I ended up spinning up my own mail server on Hostwinds using this tutorial: https://bit.ly/2WD12XG - works great, but there were some gotchas
    in setup. But now I have on-brand email addresses :)

    Then you need to add the menu commands to the PRELOGIN menu, I ended up using the way g00r00 and others instructed in the message thread... For example:

    Added these actions under default (NS) Action:

    Use display my own help screen:
    Command: (GD) Display a file
    Access: !OV
    data: validate

    Then as if the user wants to validate for better access:
    Command: (-Y) Ask Yes/No
    Access: !OV
    data: |CR Validate email address now?

    If yes, do validation:
    (-V) Validate email address
    Access: OK!OV
    Data: 20

    When successful, it bumps the user to level 20.
    If not successful, they get reminded every time to login to validate.
    You could also add a menu item to check for !OV

    I also went in and added a "validated" date to existing users just so they wouldn't get prompted, and possible have their level reduced lol.

    Hope that helps!

    I am curious if there is a benefit to 2FA mod tho?

    |08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

    --- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
    * Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)
  • From Alpha@21:4/158 to Nitro on Tue Mar 24 15:03:37 2020
    So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

    That's right. You need to set up SMTP in Servers > General Options as I noted in my previous message, and also have access to SMTP relay server -- you
    can do this with a Gmail account (Google SMTP Gmail) or you can setup your own mailserver on a virtual machine, as I decided to do.

    One gotcha is that many host providers block the necessary port 25 (thanks, spammers) but I use Hostwinds which does not, and has not limits on the
    number of emails you can send. I have a dynamic IP, which is complicated to setup a mailserver locally, so I opted for using a hosting provider. I'm planning on using it for more than just the BBS, so it's worth the $8
    USD/month for me.

    Cheers,

    |08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

    --- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
    * Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)
  • From gallaxial@21:1/129 to Embalmed on Tue Mar 24 11:17:12 2020
    On 23 Mar 2020, Embalmed said the following...

    mystic has a built in validator? where might i find that?

    Mystic has the -V function to validate email address. If validated you can have it auto-escalate the user privilege to the level in you put in the data field, so mine I have
    Action List Access Data
    -Y Ask Yes/No (default Y !s20!OV Validate Email Address?
    -V Validate e-mail address OK|OV 20

    Like this ?

    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ Command Options ▀▀▀▀▀▀▀▀▀

    Command │ (-V) Validate e-mail address
    Data │ 20
    Access │ OK|OV
    Grid Event │ Selected

    --- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)
    * Origin: SpaceSST BBS (21:1/129)
  • From Nitro@21:1/190 to gallaxial on Tue Mar 24 09:56:47 2020
    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ Command Options ▀▀▀▀▀▀▀▀▀

    Command │ (-V) Validate e-mail address
    Data │ 20
    Access │ OK|OV
    Grid Event │ Selected

    --- Mystic BBS v1.12 A46 2020/03/18 (Windows/64)

    OK now I will demonstrate my complete ignorance, where is the name and
    location of that file? I see the line numbers referenced in a lot of the whatsnew txt but I do not recall the file it references.

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Embalmed@21:4/166 to Nitro on Tue Mar 24 10:26:23 2020
    So does that mean my system sends them an email? so that is something id configure in servers? apologies i just have dove that deep in mystic yet.

    Yes, and you have to have mystic set up to point SMTP somewhere, I just run sendmail locally on the box and have it deliver that way.

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Embalmed@21:4/166 to Nitro on Tue Mar 24 10:28:05 2020
    OK now I will demonstrate my complete ignorance, where is the name and location of that file? I see the line numbers referenced in a lot of the whatsnew txt but I do not recall the file it references.

    I edited the prelogin menu

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Validator@21:1/190 to Embalmed on Tue Mar 24 11:05:44 2020
    I edited the prelogin menu


    Son of a gun I got it working, here is my first validated account!!
    Thank you everyone!

    Validator (Nitro)<VBG>

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Nitro@21:1/190 to Embalmed on Tue Mar 24 11:25:52 2020
    I edited the prelogin menu

    I may have claimed victory a little soon, I just logged into my board as the sysop and it asked me to validate my email address? The other thing I
    noticed was when I highlighted NO to the prompt it still sent me an email. I guess the hard part is working getting it to actually send the email?? Any ideas or suggestions as to not ask users that have an ACS higher than 10?

    Regards,

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Analog@21:2/123 to Nitro on Tue Mar 24 12:41:27 2020
    Thats right I cant login to your bbs as I dont have a code and have not been validated?

    Hey Nitro,

    You want in do you?

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Alpha@21:4/158 to Validator on Tue Mar 24 18:38:20 2020
    Son of a gun I got it working, here is my first validated account!!
    Thank you everyone!

    Nice work!

    |08.|07..|15.. |05Alpha |07- |13Card & Claw BBS |07- |08Berkeley, CA USA

    --- Mystic BBS v1.12 A46 2020/03/16 (Linux/64)
    * Origin: Card and Claw BBS | cardandclaw.com:8888 (21:4/158)
  • From Nitro@21:1/190 to Analog on Tue Mar 24 13:36:22 2020
    You want in do you?


    oh yes more than anything! <VBG>

    Nitro

    --- Mystic BBS v1.12 A46 2020/03/22 (Windows/32)
    * Origin: Abacus BBS (21:1/190)
  • From Embalmed@21:4/166 to Nitro on Wed Mar 25 10:40:14 2020
    email?? Any ideas or suggestions as to not ask users that have an ACS higher than 10?
    I think you would have to put !'s for every security level you have above 10 !s20!s30!s40 or whatever you are using. I wish there was a way to say if someone is already 20 or higher don't do this, but I do not believe such a thing exists.

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From Analog@21:2/123 to Embalmed on Wed Mar 25 14:51:27 2020
    email?? Any ideas or suggestions as to not ask users that have an AC higher than 10?

    I think the correct way to do something like only level 5 but less than 20,
    is:
    s5!s20
    Then anything 20+ is safe.

    |20|15┌─|16|08┤ |08De|07ad|15be|07a|08tz b|07b|15s
    |08└─┘├─┐ |08:>.|07A|08rk |0710|08:|07101|08/|0714|08.
    |04■ |08└|20|15─|16|08┘ |08:>.|10A|02gn |1046|08:|101|08/|10123|08.
    |04A|07n|15al|07o|08g |08:>.|12F|04sx |1221|08:|122|08/|12123|08.
    |04.|08dPR|04. |08:>.|15S|07ci |1577|08:|151|08/|15131|08. |04░▒░|08▒██▄▌|08:>.|11T|03qw |111337|08:|113|08/|1113|08.

    --- Mystic BBS v1.12 A45 2020/02/09 (Linux/64)
    * Origin: deadbeatz.org (21:2/123)
  • From Bucko@21:4/131 to Embalmed on Wed Mar 25 20:58:30 2020
    On 25 Mar 2020, Embalmed said the following...
    I think you would have to put !'s for every security level you have
    above 10 !s20!s30!s40 or whatever you are using. I wish there was a
    way to say if someone is already 20 or higher don't do this, but I do
    not believe such a thing exists.


    This is a way, I am not using the program in question here, but I am using
    the built in way, I put in my -V line in access S10|S15, I don't have a S15 access level so it only checks users who are set between 10 and 15 anyone
    over 15 does not get checked...

    --- Mystic BBS v1.12 A45 2020/02/18 (Windows/32)
    * Origin: The Wrong Number Family Of BBS' - Wrong Number ][ (21:4/131)