Skip site navigation (1)Skip section navigation (2)
Date:      18 Mar 2002 12:06:45 +0100
From:      Dag-Erling Smorgrav <des@ofug.org>
To:        Mark Murray <mark@grondar.za>
Cc:        cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/crypto/openssh auth-skey.c
Message-ID:  <xzp7koanni2.fsf@flood.ping.uio.no>
In-Reply-To: <200203181059.g2IAxfH5001916@grimreaper.grondar.org>
References:  <xzplmcqnoea.fsf@flood.ping.uio.no> <200203181059.g2IAxfH5001916@grimreaper.grondar.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray <mark@grondar.za> writes:
> > I don't think we've ever used PAM for S/Key authentication, have we?
> No - but we use PAM for OPIE, and this file is used for OPIE (as you
> saty above).

What I mean is that our version of OpenSSH has never used PAM for what
it calls S/Key, which in our tree is actually OPIE.

ISTR Eivind ran into some trouble related to this when he first
PAMified OpenSSH, regarding assumptions that challenge / response
based authentication had to be S/Key.  As far as I can determine, this
was still true of OpenSSH 2.9 but is no longer true of OpenSSH 3.1,
which has an elaborate mechanism for defining new authentication
methods (gee, you'd think they'd heard of PAM...)  I'm going to see if
I can make PAM fit into this mechanism instead of hacking it into
auth[12].c and session.c like we do now.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp7koanni2.fsf>