Date: Wed, 10 Jun 1998 17:57:42 -0300 (ADT) From: The Hermit Hacker <scrappy@hub.org> To: Dom Mitchell <dom@myrddin.demon.co.uk> Cc: "Matthew N. Dodd" <winter@jurai.net>, Wm Brian McCane <root@bmccane.maxbaud.net>, isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty Message-ID: <Pine.BSF.3.96.980610175658.317B-100000@thelab.hub.org> In-Reply-To: <E0yjqRl-0000I9-00.qmail@myrddin.demon.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Jun 1998, Dom Mitchell wrote: > "Matthew N. Dodd" <winter@jurai.net> writes: > > Touching on this subject was a previous discussion of policy based login > > handeling. (when/where/method based restrictions) > > > > Was there ever a design proposal submited? > > > > We have a number of different combinations to resolve and a solution that > > is configurable not unlike IPFW (rule chains) might be a win. > > [snip] > > > We've got a number of different authentication systems to choose from as > > well (and must take into account their needs.) > > > > - flatfile username/password (normal, default fallback etc) > > - YP/NIS > > - NIS+ > > - S/Key > > - .rhosts > > - RSA (via ssh) > > - Kerberos 4 > > - Kerberos 5 > > - Radius > > - LDAP? > > - External database/flatfile etc? > > - ACE/SecureID > > Really, what we're looking at here, is something like Solaris' > /etc/nsswitch.conf. However, that does bring a whole baggage of Actually, I believe that solaris is moving towards using PAM for all this too...each of the above, I believe, already has a pam module out there for it... Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980610175658.317B-100000>