[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: PAM and Kerberos

> Yes, but I'm assuming that PAM will take the world by storm and
> /bin/login will be doing the right thing everywhere. :)

I can't make this assumption.  I have to assume that the machines I am
working with can be upto 20 years old and won't have PAM support.

> In fact, MIT's telnetd, if modified to call /bin/login with -f
> <username> when doing valid authentication, should work.

Unfortunately, we can't rely on /bin/login supporting -f and even if
we did /bin/login would not know how to handle the tickets.  That is
why I need to build the functionality into telnetd.  But I can't only
support the PAM extensions you want to create.  I need to secure that
machines that have been deployed over the last couple of decades.
They aren't just going to go away.

                  Jeffrey Altman * Sr.Software Designer
                 The Kermit Project * Columbia University
               612 West 115th St * New York, NY * 10025 * USA
     http://www.kermit-project.org/ * kermit-support@kermit-project.org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []