Date: Sat, 5 Oct 2002 10:51:31 -0500 From: Bob Willcox <bob@immure.com> To: dmagda@ee.ryerson.ca Cc: Jamie Heckford <jamie@jamiesdomain.org.uk>, freebsd-stable@freebsd.org Subject: Re: sshd_config vs. PAM Message-ID: <20021005155131.GA8769@luke.immure.com> In-Reply-To: <864rc3f4ks.fsf@number6.magda.ca> References: <200209272135.g8RLZ3We005877@arch20m.dellroad.org> <002e01c26873$3d717a50$3264a8c0@BONG> <864rc3f4ks.fsf@number6.magda.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
BTW, is there a way to completely disable PAM on a system? IMHO, PAM helps prove my favorite theory that security times usability is a constant. Bob On Thu, Oct 03, 2002 at 08:08:51PM -0400, David Magda wrote: > "Jamie Heckford" <jamie@jamiesdomain.org.uk> writes: > > > I would very much like to see ssh completely detached from PAM, and > > have the PAM ties as an option you have to enable as opposed to it > > being the default. > > I disagree. > > Everything should use PAM by default. It's why it was invented: so > that all authentication goes through one mechanism. If you then want > to add/take away something, you only have to do it in one place. > > If, as a matter of policy/preference, you want to change things > locally there should be a make.conf setting of some kind. > > What other exceptions should be made with regards to PAM? xdm(1) > perhaps? telnetd(8)? > > -- > David Magda <dmagda at ee.ryerson.ca> > Because the innovator has for enemies all those who have done well under > the old conditions, and lukewarm defenders in those who may do well > under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message -- Bob Willcox We seem to have forgotten the simple truth that bob@vieo.com reason is never perfect. Only non-sense attains Austin, TX perfection. -- Poul Henningsen [1894-1967] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021005155131.GA8769>