[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Post-password authentication?



Dan Hollis writes:
>I would like to do post-password authentication by checking against the
>remote host's IP. It seems there should be a way to do this with PAM but
>the docs about stacking modules is too obscure (or I'm too dense :-)

It will work, but only for apps that set PAM_RHOST -- and telnet doesn't.

You can get it to work for rlogin with something like
# rlogin authorization
rlogin auth       required     /lib/security/pam_securetty.so
rlogin auth       required     /lib/security/pam_nologin.so
rlogin auth       required     /lib/security/pam_unix_auth.so
rlogin auth       required     /lib/security/pam_rhosts_auth.so
rlogin account    required     /lib/security/pam_unix_acct.so
rlogin password   required     /lib/security/pam_unix_passwd.so
rlogin session    required     /lib/security/pam_unix_session.so

michaelkjohnson

"Ever wonder why the SAME PEOPLE make up ALL the conspiracy theories?"




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []