> Yes, but I'm assuming that PAM will take the world by storm and
> /bin/login will be doing the right thing everywhere. :)
I can't make this assumption. I have to assume that the machines I am
working with can be upto 20 years old and won't have PAM support.
> In fact, MIT's telnetd, if modified to call /bin/login with -f
> <username> when doing valid authentication, should work.
Unfortunately, we can't rely on /bin/login supporting -f and even if
we did /bin/login would not know how to handle the tickets. That is
why I need to build the functionality into telnetd. But I can't only
support the PAM extensions you want to create. I need to secure that
machines that have been deployed over the last couple of decades.
They aren't just going to go away.
Jeffrey Altman * Sr.Software Designer
The Kermit Project * Columbia University
612 West 115th St * New York, NY * 10025 * USA
http://www.kermit-project.org/ * kermit-support@kermit-project.org
