[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and SSL



Its definitely not something that is officially supported (it wasn't
part of the original spec, and no one has tried it out with anything
real so it could be very buggy), but take a look at the pam_filter
module.

Cheers

Andrew

Jan Vicherek wrote:
> 
>  Hi,
> 
> 1) Is there away to authenticate and authorize an incoming SSL connection
> through PAM (i.e. check for valid certificate)
> 
> 2) Is there any provision (I would guess in the "session management") in
> PAM to intercept and process (e.g. encryption+decryption) of a file
> descriptor, such as STDIN+STDOUT ?
> 
>  The two above would SSL-enable any application without recompiling it !
> (I guess certificates would have to contain the username for
> identification.)
> 
>  Would it take major restructurization of PAM to achieve 1) and 2) ? Would
> it be a bad move ? (It looks to me like a reasonable move.)
>  If the answer of any of the previous question is yes, is there any way at
> all ( I guess a not-so-clean way ) to make PAM do this for me ?
> 
>       Thanx,
> 
>           Jan
> 
> --
> -- Gospel of Jesus is the saving power of God for all who believe --
>                ## To some, nothing is impossible. ##
>                   http://Vicherek.Waterloo.on.ca/
> 
> --
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []