How auth the md5 password using pam
Martin
inkubus at interalpha.co.uk
Wed Nov 21 11:06:25 UTC 2007
> I have developed a PHP application using PAM auth , and whose config
> file in the /etc/pam.d is :
>
>
>
> #%PAM-1.0
>
> auth required pam_stack.so service=system-auth
>
> auth required pam_nologin.so
>
> account required pam_stack.so service=system-auth
You may also want to post the contents of /etc/pam.d/system-auth, seeing
as this uses it.
> I will send the username and password to a CGI program written by C
> language modules and PAM APIs.
Sorry; it's not clear (at least to me) what you mean. Does your PHP
application send the password to the C CGI program which then performs
the authentication using PAM. Or does the user send the password to the
C CGI program which performs the integration using PAM - if so what does
the PHP app have to do with it?
> Now I want to encrypt the password with md5, and send username and the
> MD5 encrypted password to CGI .
Firstly MD5 is not encryption, it's a hashing algorithm. Secondly if
you want to communicate securely with a web application, either from
another web application or from a PAM module, then you need to do more
than just encrypt the password; look up TLS and SSL.
> But I don’t know how to modify my PAM config file to make it support
> auth the MD5 password.
By the sounds of it, if you are trying to communicate passwords between
applications (I'd also suggest that this is never a very secure nor
sensible way of doing things), then this has nothing to do with PAM.
HTH
Cheers,
- Martin
More information about the Pam-list
mailing list