Re: MD5 v. Shadow (was: Re: SSH w/ Pam?)

On Sat, 18 Jan 1997, Ken Seefried wrote:

> Greg Boehnlein wrote:
> > 
> > ARGHH!!! SSH is a neccessity here! It used to work without Shadow
> > Passwords under RedHat 4.0 and 4.1. I guess this means that I have 
> > to go back to using Non-Shadowed passwords!
> > 
> Perhaps an ignorant question, but with MD5 passwords is shadowing 
> as vital as it was with crypt?

Hmm... Well, I've temporarily gone back to non-shadowed passwords, and
re-compiled the Pam 0.56 source with a DEFAULT_USER_PROMPT of "Please
enter login:" instead of "Please enter username: ".

I'm back to using Z-pop (which rocks) and SSH without problems, but I
don't feel comfortable yet using the Shadow / MD% stuff on this machine.
I've got Cracklib working on it now, and will be porting my existing 85
meg library files over, but I don't yet feel comfortable enough to use it
in a production environment. Especially since I am using a couple of
Binary Only commercial packages that don't support PAM yet.

Can I make a "suggestion" to the Pam maintainers?

The majority of Unix systems that I have every accessed use the "login:"
prompt rather than a "username:" prompt. Since PAM comes configured to
issue a "username:" many pre-configured software that is scripted to look
for "login:" begins to fail. UUCP, Automated Dial In scripts etc..

Can I suggest that PAM use a default prompt of "Please enter login: "? to
help maintain some consitency accross Unix platforms? I realize it may be
a legacy issue, but it will certainly avoid headaches in the future. It
took me about 45 minutes to grab the PAM source, install it, read through
the READMES to understand what I was about to do and the hunt down the
appropriate header file to change the default prompt. Finally, UUCP was
working again and my phones stopped ringing off the hook.

Also, and on a side note, I have RedHat 4.0 installed on this machine and
building the SOURCE RPM fails when it attempts to create the HTML
documentation. I don't beleive I have the "sgml2html" program on my
machine. Where should I get this?

      President of New Age Consulting Service, Inc.  Cleveland Ohio
             SLIP/PPP/Unix Shell   28.8k / ISDN / Leased Line
           http://www.nacs.net   info@nacs.net   (216)-524-8414

