Dave Ewart wrote: > I have a web server, Box A, which does not have many (shell) users. I > have successfully implemented password-authentication to access various > areas of the web site - Apache using mod_auth_pam, with a few tweaks to > allow it to read the shadow password file. Obviously, this will only > authenticate users of Box A. > > I have another server, Box B, which everyone uses. Is it possible to > "relay" the PAM request from Box A to Box B, so that when faced with a > password authentication request for a web page on Box A, the user is > sucessfully logged in if they correctly enter their Box B username and > password? The point here is that you have to use some kind of distribuited solution to do that. The only way, i can see right now for that is having a LDAP server on BoxB and do a network redirect( using ipchains ) for all requests on the LDAP port on BoxA to BoxB LDAP port. Of course you dont have to use a LDAP server, you can use a SMB server ou something like that to the authetication. I hope i have helped. Regards, Miguel Carvalho
