On Tue, 20 May 2003, mla wrote: > hello all! I would like to ask if there is a bug with the pam_unix module. > I'm currently working on it on red hat 8 and I use it to authenticate > users using it in login, etc. I noticed that even if I used an invalid > user it returns authentication failed which should have been > pam_user_unknown. did I miss something here? I dunno why its doing this. 1) Use a mailclient that wraps at 80 chars 2) pam_unix will return authentication failed because we won't give info to the other site what has gone wrong. They only need to know that authentication failed. This prevents script kiddies from guessing username. Internally, the application get's a PAM_USER_KNOWN back, and the application usually logs this. The user will simply see 'Authentication failed'. Igmar _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
