In message <199811221833.NAA10304@istari.sandelman.ottawa.on.ca>, "Michael C. R
ichardson" writes:
>  I think that this is a very useful thing to have. A problem with the use
>of login_foo is that ftpd, sshd, etc.. can't easily use it. Or is the
>interface more complicated than deal with stdin/stdout, and do the right
>thing?

There's a library routine that programs can call to "do the right thing".

     #include <login_cap.h>
     #include <bsd_auth.h>

     int
     auth_userokay(char *name, char *style, char *type, char *password);

     auth_session_t *
     auth_userchallenge(char *name, char *style, char *type,
             char **challengep);

     int
     auth_userresponse(auth_session_t *as, char *response, int more);

     int
     auth_approval(auth_session_t *as, login_cap_t *lc, char *name,
             char *type);

     int
     auth_cat(char *file);

     void
     auth_checknologin(login_cap_t *lc);

     char *
     auth_mkvalue(char *value);

The man page is also BSD-licensed.

If a program doesn't know about BSD Authentication, it will presumably
just try regular crypt-type password authentication.  That works for most
users anyway.  However, as system utilities get modified to use this, they
gain extra features.

-s