[19726] in Kerberos
Re: which krb5 PAM module on Solaris 8?
daemon@ATHENA.MIT.EDU (Wyllys Ingersoll)
Fri Aug 1 13:24:42 2003
Message-ID: <3F2A9FC0.3070801@sun.com>
Date: Fri, 01 Aug 2003 13:13:36 -0400
From: Wyllys Ingersoll <wyllys.ingersoll@sun.com>
MIME-Version: 1.0
To: Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>
In-Reply-To: <Pine.OSF.4.53.0307311557440.378206@dogbert.cc.ndsu.NoDak.edu>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
Tim Mooney wrote:
> All-
>
> I'm looking for recommendations on which krb5 PAM module I should use
> on a sparc box I'll be reinstalling with Solaris 2.8 in a couple weeks.
>
> I do understand the implications of using a krb5 PAM module to
> authenticate services like telnet.
>
> I need a source-available module (so the stuff that's part of SEAM isn't
> going to do it for me, I don't think), because I need to hack in some
> calls to ldap, to check for authorization.
As Sam mentioned, why not use the SEAM pam_krb5 for your authentication and
write your custom authorization stuff part of the account module?
There have been alot of improvements in the SEAM pam_krb5 module
in the past year or so - most of which are avaialable by default in
s9 and some of which are available in Solaris 8 patches.
--
Wyllys Ingersoll
Sun Microsystems, Inc
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAF353913
Fingerprint: 92CD E875 59A0 798E ED9A D75B 303A 57F0 AF35 3913
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
