Re: login bug ?

Michael K. Johnson writes:
> Elliot Lee writes:
> >I think basically what is happening is that he has to ask for a different
> >password for S/Key than for UNIX (the prompt has to be different).
> Do you mean that it needs *two* passwords for one session?  I don't
> know that the ftp protocol is designed to handle that.  I know that
> several other network protocols definitely aren't.

You are correct. The ftp protocol can't handle it. You need to pass
the S/Key / Password to the UNIX module. When I hacked up ftpd while
at Sun I made it such that the password given in response to the PASS
command was passed to the UNIX module as-is. That way you could either
type your S/Key response *or* your UNIX password to use ftp.

In order to make this work with login, you could probably use the
"try_first_pass" option (is that in the Linux PAM? I really should
check it out in detail when I get a chance :-) That way if the
password you use first is your S/Key response, and if it is incorrect
then the UNIX module would try it, then prompt if it failed.
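
The prompt flow discussed in this message, as an added example that is not part of the original post and is not Linux-PAM code: a simplified Python model of an S/Key check stacked ahead of a UNIX password check, with and without "try_first_pass". All function names, the account data and the secrets are constructed for illustration, and the model assumes the S/Key module leaves what was typed for the next module to reuse.

```python
# Simplified model of a stacked auth check; NOT Linux-PAM code.
# All function names and secrets below are hypothetical / constructed.
import hmac

def _same(given, expected):
    # Constant-time compare; real modules verify hashes / one-time chains.
    return given is not None and hmac.compare_digest(given.encode(), expected.encode())

def make_prompt(answers, log):
    """Conversation function: hands out the client's answers in order."""
    pending = iter(answers)
    def prompt(text):
        log.append(text)
        return next(pending, None)  # None: client cannot answer another prompt
    return prompt

def skey_module(ctx, prompt):
    """First module: asks once and leaves what was typed as the shared token."""
    ctx["authtok"] = prompt("S/Key response: ")
    return _same(ctx["authtok"], ctx["skey_expected"])

def unix_module(ctx, prompt, try_first_pass):
    """Second module: optionally retries the shared token before prompting."""
    if try_first_pass and _same(ctx.get("authtok"), ctx["unix_password"]):
        return True
    return _same(prompt("Password: "), ctx["unix_password"])

def authenticate(answers, try_first_pass=True):
    """Returns (success, prompts shown). S/Key success is sufficient on its own."""
    ctx = dict(ACCOUNT)
    log = []
    prompt = make_prompt(answers, log)
    ok = skey_module(ctx, prompt) or unix_module(ctx, prompt, try_first_pass)
    return ok, log

# Constructed sample account.
ACCOUNT = {"skey_expected": "ROME MUG FRED SCAN LIVE LACE",
           "unix_password": "correct horse"}

if __name__ == "__main__":
    # ftp-like client: exactly one secret (the PASS value) is available.
    print(authenticate(["ROME MUG FRED SCAN LIVE LACE"]))
    print(authenticate(["correct horse"]))
    print(authenticate(["correct horse"], try_first_pass=False))
    # login-like client: a second prompt can be answered.
    print(authenticate(["typo", "correct horse"]))
```

With a single-secret client, the UNIX password only succeeds when the second module reuses the first answer; without that reuse the second prompt goes unanswered and authentication fails.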


