[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How to save a copy of user's input password?



On Tue, Jul 21, 2009 at 2:56 PM, Thorsten Kukuk<kukuk suse de> wrote:
> On Tue, Jul 21, Andy wrote:
>
>> On Tue, Jul 21, 2009 at 1:53 PM, Thorsten Kukuk<kukuk suse de> wrote:
>> > On Tue, Jul 21, Andy wrote:
>> >
>> >> Hi all,
>> >> My pam version is 1.1.0, I use it to authenticate users.
>> >> My case is, when pam finished it's auth, that is after
>> >> pam_authenticate(pamh, o) & pam_acct_mgmt(pamh, 0),
>> >> I want to save a copy of user's password if it's valid, but I can not
>> >> find any API to fulfill my needs.
>> >> I tried pam_get_item(pamh, PAM_AUTHTOK, (const void
>> >> **)&copy_of_passwd), but it returns a "bad item passed to
>> >> pam_*_item()", now I have no idea. :(
>> >
>> > As written in the documentation, this is not possible. And
>> > as your application does not know in which form the authentication
>> > was done, it doesn't make sense, too. Who says that a password
>> > was used for authentication? The admin could have decided to
>> > use finger prints instead or whatever else.
>> >
>>
>> But now, in PAM, "pam_authenticate(...)" function gives a promt
>> "Password:" to let the user type in a password,
>
> One of the configured PAM modules is asking that, but you can
> always replace that module with something different.
>
>> we really have no way to get a copy of user's input ?
>
> No, there is not. Read the documentation.
>
>> I saw some code in google, something like below:
>
> That's code for a PAM module, not a PAM aware application.
>
>> I guess this may try to retrieve a copy of  authtok(password ??), but
>> now ( version1.1.0 ), PAM_AUTHTOK seems not be supported anymore.
>
> Not anymore, it was never.
>
> You should really start reading the PAM documenation, especially
> the application writer guide.
>
>  Thorsten
>

Yes, I should spend some time on the doc first.
Thanks for your time, really appreciate your reply.

-Andy


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]