On 1 Apr 2003, Stefan Voelkel wrote: > > I've been trying to write a PAM module that checks users against > > the list of users currently logged on to Samba, and I can't find any > > good way of getting the IP address of the host they are loggin in from > > - PAM_RHOST returns the hostname rather than an IP address. > > Is there a PAM_ITEM or anything with the IP address in? > > I am interested in this too, since I want to write a one time password > pam module, that will only work from some ip addresses. > > The idea is to allow users logging in from the lan to use their standard > password and force those coming from the wan to use otp's PAM_RHOST is the correct item however the data it contains is subject to the application rather than PAM. When dealing with this here (with Apache and mod_auth_pam) I simply patched to mod_auth_pam to supply the IP address rather than host name. The problem stems from the fact that both are valid data for PAM_RHOST. I think you could use the pam_rhosts_auth.so module for this with the /etc/hosts.equiv file however that feels really kludgy to me and would probably lead to confusion. Jason Clifford -- UKFSN.ORG Finance Free Software while you surf the 'net http://www.ukfsn.org/ Sign up now _______________________________________________ Pam-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/pam-list
