GNU Dictionary Server
After connecting to a remote server,
dico checks if
the server supports authentication and attempts to authenticate itself
if so. To do this
dico needs a set of parameters called
user credentials. The exact set of credentials depends on the
authentication mechanism being used, with user name and password being
the two most important ones.
The user credentials can be supplied from the following sources:
- Command line options --user and --password.
- An URL given as a command line argument (see user).
- Autologin files.
These three sources are consulted in that order, i.e., a user name supplied with the --user command line option takes precedence over the one found in an URL and over any names supplied by autologin files.
If, after consulting all these sources, the user name is
established, while the password is not, the resulting action
depends on whether the standard input is connected to a terminal.
If it is,
dico will ask the user to supply a password.
If it is not, authentication is aborted and connection to the server
Some authentication mechanisms require additional credentials. For example, GSSAPI authentication requires a service name. These credentials can be supplied only in autologin file.
Autologin file is a plaintext file that contains
authentication information for various DICT servers. At
most two autologin files are consulted: first the session-specific
file, if it is supplied by
autologin command (see autologin) or by the --autologin command line
option, next the default file .dicologin in the user’s home
directory. The default autologin file is examined only if
no matching record was found in the session-specific one.
The autologin file format is similar to that of .netrc file
Comments are introduced by a pound sign. Anything starting from ‘#’ up to the end of physical line is ignored.
Empty lines and comments are ignored.
Non-empty lines constitute statements. Tokens in a statement are separated with spaces, tabs, or newlines. A valid statement must begin with one of the following:
This statement contains parameters for authenticating on machine name.
This statement contains parameters for authenticating on any machine, except those explicitly listed in
machinestatements. There can be at most one
defaultstatement in autologin file. Its exact location does not matter, it will always be matched after all explicit
During the lookup,
dico searches the autologin file for a
machine statement whose name matches the remote server
name as given by --host command line option, host part of an
URL (see urls), or the argument to the
command (see open). If it reaches end of the
file without having found such an entry, it uses the
value, if available.
Once a matching entry is found, its subsequent tokens are analyzed. The following tokens are recognized:
Supply user name for this server.
Supply a password.
Do not perform authentication on this machine.
Enable SASL authentication.
Disable SASL authentication.
Declare acceptable SASL mechanisms. The list argument is a comma-separated list of mechanism names, without intervening whitespace. Multiple
mechanismsmay be given, in which case the corresponding lists are concatenated.
Declare service name, for authentication methods that need it. If this token is omitted, the default service name ‘dico’ is used.
Declare realm for authentication.
Set host name for this machine. By default, it is determined automatically.
Consider the following autologin entry, for example:
machine a.net user smith password guessme machine b.net sasl mechanisms gssapi,digest-md5 realm example.net service dico user smith password guessme default noauth
When connecting to the server ‘a.net’,
dico will attempt
the usual APOP authentication as user ‘smith’ with password
‘guessme’. When connecting to the machine ‘b.net’, it will
use SASL authentication, via either GSSAPI or
DIGEST-MD5 mechanisms, with realm name ‘example.net’,
service name ‘dico’ and the same user name and password, as for
The authentication mechanism is suppressed if the
option has been given in the command line, or a matching entry was
found in one of the autologin files, which contained the
This document was generated on April 24, 2019 using makeinfo.Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.