On Mon, Aug 21, 2000 at 02:32:30PM -0400, Jeffrey Altman wrote: > > Yes, but I'm assuming that PAM will take the world by storm and > > /bin/login will be doing the right thing everywhere. :) > > I can't make this assumption. I have to assume that the machines I am > working with can be upto 20 years old and won't have PAM support. > > > In fact, MIT's telnetd, if modified to call /bin/login with -f > > <username> when doing valid authentication, should work. > > Unfortunately, we can't rely on /bin/login supporting -f and even if > we did /bin/login would not know how to handle the tickets. That is > why I need to build the functionality into telnetd. But I can't only > support the PAM extensions you want to create. I need to secure that > machines that have been deployed over the last couple of decades. > They aren't just going to go away. Gee. I have the same problem. Actually, we're paying the vendor to port LinuxPAM to such a legacy platform and PAMify various bits of it. Yes, patches, if there are any, will be contributed to LinuxPAM. LinuxPAM is reasonably portable; heck, it has little Linux-spacific code in the framework and even pam_unix, though some of the modules included with it are probably not so portable. > Jeffrey Altman * Sr.Software Designer > The Kermit Project * Columbia University > 612 West 115th St * New York, NY * 10025 * USA > http://www.kermit-project.org/ * kermit-support@kermit-project.org Nico --
