Re: getpwnam with md5 encrypted passwds
From: Terry Lambert (tlambert2_at_mindspring.com)
Date: 11/27/03
- Previous message: Daniel O'Connor: "Re: NFS Flags Oddity"
- In reply to: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Next in thread: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Reply: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 26 Nov 2003 23:10:01 -0800 To: Clifton Royston <cliftonr@tikitechnologies.com>
Clifton Royston wrote:
> If you will need to do authentication after your program drops
> privileges, your best course is probably to go through PAM, to install
> a separate daemon which implements a PAM-supported protocol and which
> runs with privileges, and then to enable that protocol as a PAM
> authentication method for your application.
[ ... RADIUS example with LDAP mention ... ]
Sounds like a good approach, though I'll point out that had
you tried LDP, you would have been hard-put to use LDAP as a
proxy protocol to another authentication base (a PAM backend
for an LDAP server, while not quite impossible, would be very
hard).
How did you avoid the recursion problem of the RADIUS server
trying to authenticate via pam_radius to the RADIUS server
tyring to authenticate ...
-- Terry?
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
- Previous message: Daniel O'Connor: "Re: NFS Flags Oddity"
- In reply to: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Next in thread: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Reply: Clifton Royston: "Re: getpwnam with md5 encrypted passwds"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
