[14604] in Kerberos
Re: canonical kerberos pam module for solaris 2.7 ?
daemon@ATHENA.MIT.EDU (Nicolas Williams)
Wed Jun 27 11:25:39 2001
Date: Wed, 27 Jun 2001 11:21:34 -0400
From: Nicolas Williams <Nicolas.Williams@ubsw.com>
To: David Thompson <thomas@cs.wisc.edu>
Cc: Martin Schulz <schulz@iwrmm.math.uni-karlsruhe.de>, kerberos@MIT.EDU
Message-ID: <20010627112132.D9416@sm2p1386swk.wdr.com>
Mail-Followup-To: David Thompson <thomas@cs.wisc.edu>,
Martin Schulz <schulz@iwrmm.math.uni-karlsruhe.de>,
kerberos@MIT.EDU
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <200106271455.JAA08486@pongo.cs.wisc.edu>; from thomas@cs.wisc.edu on Wed, Jun 27, 2001 at 09:55:08AM -0500
On Wed, Jun 27, 2001 at 09:55:08AM -0500, David Thompson wrote:
> Nicolas Williams wrote:
> >
> >There's been some discussion (on the Linux-PAM list) about the need for
> >a module that can support AFS with krb5. I think the most desirable
> >approach would be to have a pam_afs which uses a [temporary] ccache
> >created by pam_krb5 to do its thing.
> >
>
> It's been on my list for some time to write two modules, one to do the krb5
> authentication (or perhaps use an existing krb5 pam module), and a separate
> afs module which would use the krb5 credentials if available, otherwise do a
> direct authentication against the kaserver.
Please look at the existing implementations of pam_krb5 first. One of
them may be close enough to your ideal of pam_krb5 (and licensed in a
way that suits you) that you could work on it and save yourself some
work.
> --
> Dave Thompson <thomas@cs.wisc.edu>
>
Cheers,
Nico
--
.
Visit our website at http://www.ubswarburg.com
This message contains confidential information and is intended only
for the individual named. If you are not the named addressee you
should not disseminate, distribute or copy this e-mail. Please
notify the sender immediately by e-mail if you have received this
e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or error-free
as information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. The sender therefore
does not accept liability for any errors or omissions in the contents
of this message which arise as a result of e-mail transmission. If
verification is required please request a hard-copy version. This
message is provided for informational purposes and should not be
construed as a solicitation or offer to buy or sell any securities or
related financial instruments.
