[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Using PAM to managed shared authentication



Thanks for your response. As it turns out we don't have to move on
this immediately. The hardware migration we are going to do is now
much less complex.

Anyhow, in the long run we are still interested in using a PAM type
solution for distributed information. To that end I wonder if you
would want any help?

Thanks for the info on passwd -N. It looks like RedHat 4.1 is not shipping
with that version yet. It's a good idea. In fact this whole PAM thing
is a great idea. I'm very impressed.

On Fri, 28 Mar 1997, Andrew G. Morgan wrote:

> Chris Dent wrote:
> > Both of these things seem theoretically possible, and I have it
> > working for someone who has both a kerberos instance and an entry in
> > the shadow file. For someone who is only list in the passwd file and
> > has a kerberos entry I can get login to work, but I don't seem to know
> > what I'm doing when it comes to setting up passwd. The problem seems
> > to be in getting PAM to be aware of someone who is not listed in the
> > shadow file.
> 
> I think that libpwdb is going to provide the solution (in the long term) to
> having distributed account information.
> 
> > Having a system where there are two passwd binaries, one that only
> > does kerberos, and one that does both kerberos and shadow, is
> > acceptable, but I'm not quite sure how that would work either.
> 
> I'm not sure which passwd binary Red Hat is shipping with 4.1, but 4.0 came
> from an older release of SimplePAMApps. The latest version now has a '-N'
> control flag that can be used to change the service name of the application. 
> In this way, you can use the passwd application to update one of a number of
> 'flavors' of account passwords by providing the corresponding extra service
> entries in your /etc/pam.{d/,conf} configuration files.. [Its all explained
> in the manual page.]
> 
> Hope that helps
> 
> Best wishes
> 
> Andrew
> -- 
>                Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
>                   http://parc.power.net/morgan/index.html
>        [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]
> 
> --
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 

..................
Chris Dent SysThug
Kiva Networking



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []