[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Integrating ftpd and pam_opie; not getting challenge?



I really doubt you're going to be able to do opie in ftp at all. OK, maybe
some sort of non rfc compliant hack, but...

Protocols like ftp are a little too strict in the form of the auth stuff
to do opie, if you ask me. Now, perhaps, for command line opie ftp use,
you could hack the server to output one of those lines that they use for
big long messages (230, right?) and stuff the opie key in there... and do
some wierd stuff like have the authentication "fail" the first time
through.. blah blah blah.. but all of this is a giant hack on the ftp
protocol, so of course pam isn't going to accomplish this sort of hack all
on its own.

There was some work done on pam and ssh, perhaps an opie'd scp would work
for you?

jim

-- 
[L]inux has an installed base conservatively estimated at around 3 million
users.... [V]endors say that most of the top companies in the US have bought
the OS - but that few will readily admit to running their multimillion-dollar
corporations on code put together by a band of software idealists. -- _Wired_

On Wed, 10 Jun 1998, Greg Owen {gowen} wrote:

> 
> 	Hello,
> 
> 	I'm trying to configure a system to use Andy Berkheimer's pam_opie
> module with ftpd.  The system is RedHat 5.0, PAM 0.59, pam_opie 0.21, OPIE
> 2.22.  I have read the archives of this list and the Linux-PAM
> Administrator's Guide, as well as done news/web searches, with no luck. 
> 
> 	I have compiled and installed pam_opie just fine; I configured
> "login" to use it and it works like a charm.  When I configure ftp to use
> it, however, I don't get a challenge.  If I know what sequence key I
> should use, and I use that for the password, I can successfully
> authenticate with ftp... but I figured out the sequence by peeking at
> /etc/opiekeys, which I can't very well do when I actually need to use it
> ;>.
> 
> 	Are there any special hooks I should know about to integrate OPIE
> (or, presumably, any module that has a challenge or preauth string) with
> ftpd?  Or do I need to compile a hardwired version of ftpd to use OPIE,
> thus bypassing all the good that PAM does?
> 
> 	Any help you can give is appreciated.
> 
> -- 
> 	gowen -- Greg Owen -- gowen@xis.xerox.com
> 
> -- 
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []