On Mon, Mar 10, 2003 at 01:36:50PM -0500, Thomas M. Payerle wrote: > Apparently the community was largely unaware of my pam_netgroups module > due to my improper advertising of it. I did announce it on this list > a couple years back when it came out (and possibly once later after a minor > bugfix), and it is referenced on a web page which I thought > was the primary repository for such stuff > (http://www.kernel.org/pub/linux/libs/pam/modules.html). And we maintain a number of PAM modules which Andrew is aware of, yet they aren't even listed on the above web page... I've recently setup my own web page for "exported versions" of the PAM modules we did for Openwall GNU/*/Linux (Owl): http://www.openwall.com/pam/ Currently, this includes pam_passwdqc, pam_userpass, pam_mktemp, and pam_tcb. Of those, pam_passwdqc and pam_tcb also have their dedicated pages (linked from the above). pam_passwdqc is a password strength checking module. In addition to checking regular passwords, it offers support for passphrases and can provide randomly generated passwords. It is also quite portable: currently supported are Linux (Linux-PAM), FreeBSD-current (OpenPAM), Solaris, and HP-UX 11. And it is in fact a part of FreeBSD-current. pam_userpass solves the flawed assumption non-interactive services such as FTP and POP3 servers previously had to make in order to provide a username and password pair to a PAM module stack. It is specific to Linux-PAM. pam_mktemp provides per-user private temporary file directories. And finally, pam_tcb supersedes pam_unix (pam_pwdb) and is a part of our tcb suite implementing the alternative password shadowing scheme, which in turn is now available for use with other distributions: http://www.openwall.com/tcb/ The tcb scheme allows many core system utilities (passwd(1) being the primary example) to operate with little privilege (not SUID root). Note that pam_tcb may be useful for you even if you don't intend to switch to the tcb scheme. It is fully backwards compatible with Linux-PAM pam_unix, but offers many improvements and cleaner code. The tcb suite has been designed and implemented primarily by Rafal Wojtczuk with significant contributions by me and Dmitry V. Levin. -- /sd _______________________________________________ Pam-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/pam-list
