[19728] in Kerberos
Re: which krb5 PAM module on Solaris 8?
daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?G=C1L_Bal=E1zs?=)
Fri Aug 1 13:33:40 2003
Message-ID: <3F2AA269.4000105@rit.bme.hu>
Date: Fri, 01 Aug 2003 19:24:57 +0200
From: =?ISO-8859-1?Q?G=C1L_Bal=E1zs?= <balsa@rit.bme.hu>
MIME-Version: 1.0
To: Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>, kerberos@MIT.Edu
In-Reply-To: <Pine.OSF.4.53.0307311557440.378206@dogbert.cc.ndsu.NoDak.edu>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Errors-To: kerberos-bounces@mit.edu
Tim Mooney írta:
> All-
>
> I'm looking for recommendations on which krb5 PAM module I should use
> on a sparc box I'll be reinstalling with Solaris 2.8 in a couple weeks.
pam-krb5.sf.net. This is an enhanced version of RedHat's pam_krb5.
I will release rc8 in this weekend, it will contains many workarounds
for the solaris pam implementation, so I recommend it.
> I do understand the implications of using a krb5 PAM module to
> authenticate services like telnet.
>
> I need a source-available module (so the stuff that's part of SEAM isn't
> going to do it for me, I don't think), because I need to hack in some
> calls to ldap, to check for authorization.
Why dont use unix groups for authorization? There are few pam module now
which implement authorization based on unix groups.
balsa
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
