Date: 18 Mar 2002 12:06:45 +0100 From: Dag-Erling Smorgrav <des@ofug.org> To: Mark Murray <mark@grondar.za> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh auth-skey.c Message-ID: <xzp7koanni2.fsf@flood.ping.uio.no> In-Reply-To: <200203181059.g2IAxfH5001916@grimreaper.grondar.org> References: <xzplmcqnoea.fsf@flood.ping.uio.no> <200203181059.g2IAxfH5001916@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray <mark@grondar.za> writes: > > I don't think we've ever used PAM for S/Key authentication, have we? > No - but we use PAM for OPIE, and this file is used for OPIE (as you > saty above). What I mean is that our version of OpenSSH has never used PAM for what it calls S/Key, which in our tree is actually OPIE. ISTR Eivind ran into some trouble related to this when he first PAMified OpenSSH, regarding assumptions that challenge / response based authentication had to be S/Key. As far as I can determine, this was still true of OpenSSH 2.9 but is no longer true of OpenSSH 3.1, which has an elaborate mechanism for defining new authentication methods (gee, you'd think they'd heard of PAM...) I'm going to see if I can make PAM fit into this mechanism instead of hacking it into auth[12].c and session.c like we do now. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp7koanni2.fsf>