From owner-freebsd-stable Fri Mar 26 15:15:13 1999 Delivered-To: freebsd-stable@freebsd.org Received: from lepton.nuc.net (lepton.nuc.net [204.49.61.5]) by hub.freebsd.org (Postfix) with ESMTP id 4E87115092 for ; Fri, 26 Mar 1999 15:15:10 -0800 (PST) (envelope-from wheelman@nuc.net) Received: from electron (dhcp1.ecofl.com [204.49.61.49]) by lepton.nuc.net (8.8.8/8.8.8) with SMTP id RAA29005; Fri, 26 Mar 1999 17:14:46 -0600 (CST) (envelope-from wheelman@nuc.net) From: "Jaime Bozza" To: "John Polstra" Cc: Subject: RE: PAM and Apache Date: Fri, 26 Mar 1999 17:13:03 -0600 Message-ID: <001801be77de$33134ae0$313d31cc@nuc.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 In-reply-to: Importance: Normal Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Well, I'm sure you understand the basic problem. The > /etc/master.passwd file is readable only by root, so you have to be Yep! I was just sort of hoping I could get away with a pre-made module that would do it directly. :) Don't worry, I would rather have the password database tightly secured, so in a way I'm glad it's this difficult. > One possibility for you would be to run a RADIUS server (as root, of > course) on the same machine, and use the pam_radius module to contact > it. Most (if not all) of the RADIUS servers can be configured to > authenticate via the passwd file. That's exactly what I switched over to. I set up a mini RADIUS server that does nothing but authenticate via the password file and only accepts requests from the same system. Everything appears to be working fine now. :) Jaime Bozza Nucleus Communications To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message