Date: Tue, 10 Mar 1998 18:00:42 -0800 From: Mike Smith <mike@smith.net.au> To: Mike Smith <mike@smith.net.au> Cc: Robert Watson <robert+freebsd@cyrus.watson.org>, Mark Mayo <mark@vmunix.com>, Andrzej Bialecki <abial@nask.pl>, tcobb@staff.circle.net, hackers@FreeBSD.ORG, msmith@FreeBSD.ORG Subject: Re: PAM? Message-ID: <199803110200.SAA21163@dingo.cdrom.com> In-Reply-To: Your message of "Tue, 10 Mar 1998 17:52:56 PST." <199803110152.RAA21109@dingo.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > Ah, but it is! To support PAM, you have to modify your authenticating > > servers to support PAM. Many servers shipped with FreeBSD already support > > Kerberos due to the eBones and KTH distribution inclusion. If the goal is > > to support shared secret cards, then Kerberos can be used as a mechanism > > to carry the authentication request, and have tickets to carry around with > > you. > > No, it's not, and no, it can't. Oh *sigh*. I misread your argument. Yes, to support shared-secret cards, Kerberos should work just fine, and it would be a much more sensible vector to consider for FreeBSD systems. I couldn't actually recommend PAM for general use at this time. There are better special-purpose solutions available, and as a general-purpose solution PAM is not adequate. -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199803110200.SAA21163>