help with remote auth / fail over password sync
Nate Yocom
nate at yocom.org
Thu Jan 19 19:20:15 UTC 2006
Chris Stankaitis wrote:
> I am using a remote auth system (pgina) which has a pam module which
> allows me to auth users against a remote server, is it possible to do
> the following:
>
This may be more appropriate on the pGina list
(pgina-general at lists.sourceforge.net) - I've included it in this reply,
but if the answer does not suffice we should perhaps continue discussion
there.
> If Auth response from the server = OK & the client password and server
> password differ take the server password as 'proper' and update the
> clients shadow file to sync the passwords.
>
So essentially what your asking is whether a pam module (in this case
the pgina pam client module) can force a password change to somewhere
(the local /etc/shadow for instance) upon successful authentication.
The answer is yes, with changes to the module itself. There is (to my
knowledge) no way to do this automatically through existing PAM
facilities. Hence I say this may be more appropriate on a mailing list
specific to that module ;)
Nate
More information about the Pam-list
mailing list