[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh and md5.



SinVraal wrote:
> Hello all.  I wasn't really able to get too much info from the ssh list on
> this, but I'd like to use ssh with md5 passwords, so I could try to move
> my whole system to them (save xdm for now though!). 

This has been a concern for me too. I would like to have a PAM aware sshd.
Unfortunately, there are apparently some problems with reorganizing the code
to do things the PAM way, so currently, we are all waiting for a next
generation of ssh.

I've been thinking a lot about this lately and have wondered if it would be
impossible to simply replace the password checking in sshd with a simple:

	pam_start()
	pam_authenticate()
	pam_end()

In this way, we'd at least get the pluggable "authentication" which would be
enough to do md5 passwords in the way that you (and I) want.

> because he thought it just called the crypt(3) function which is

I guess you could also rebuild sshd but linking it against a crypt
replacement...

Cheers

Andrew
-- 
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []