[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh with pam support..


Matt wrote:
> My current problem with pam is allowing people to migrate from Unix
> passwords (anykind) to kerberos passwords.  How would I construct the
> config file to accept a password from one auth method and write it with
> another, deleting the old password at the same time.  This needs to be
> done with two seperate modules as I am migrating from shadowed passwords
> to kerberos passwords.  Any ideas or suggestions?  Or am I making a custom
> version of the passwd program?

I'd guess that a custom module is in order and something like the
following scheme:


	auth  sufficient	pam_kerberos.so
	auth  required		pam_pwdb.so
	auth  required		pam_migrate_me.so

The last module needs to read the PAM_AUTHTOK and do all the necessary
things to migrate the password as part of the authentication process.


new job - new sig file under construction...

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []