Date: Thu, 10 Oct 2002 09:59:54 -0300 From: Paulo Fragoso <paulo@nlink.com.br> To: amutsch@abaid.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Some questions about LDAP Message-ID: <200210100959.54455.paulo@nlink.com.br> In-Reply-To: <20021010124317.48272.qmail@fap.abaid.com> References: <200210100805.48949.paulo@nlink.com.br> <20021010124317.48272.qmail@fap.abaid.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 10 October 2002 09:43, amutsch@abaid.com wrote: > I would use Radius for that. > Regards Andreas But pam_radius on client send packets without provide secure encrypted=20 communications between clients and servers. With LDAP we can add more specific information this way we can filter tha= t at=20 pam_ldap client, ex: # Filter to AND with uid=3D%s pam_filter ou=3Disdn-client > > Paulo Fragoso writes: > > Hi, > > > > We are thinking to change our /etc/(master.)passwd schema to LDAP, bu= t we > > have some doubts about security. We will have a LDAP server and some > > clients for only auth requests using pam_ldap. Is possible someone > > (hacker or root) logged into a client machine request all crypt passw= ords > > stored on LDAP server? > > > > What is the best way (security) to centralize our passwords for answe= r > > auth requests from a remote host using pam module? > > > > Thanks, > > Paulo. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210100959.54455.paulo>