> I have developed a PHP application using PAM auth , and whose config > file in the /etc/pam.d is : > > > > #%PAM-1.0 > > auth required pam_stack.so service=system-auth > > auth required pam_nologin.so > > account required pam_stack.so service=system-auth You may also want to post the contents of /etc/pam.d/system-auth, seeing as this uses it. > I will send the username and password to a CGI program written by C > language modules and PAM APIs. Sorry; it's not clear (at least to me) what you mean. Does your PHP application send the password to the C CGI program which then performs the authentication using PAM. Or does the user send the password to the C CGI program which performs the integration using PAM - if so what does the PHP app have to do with it? > Now I want to encrypt the password with md5, and send username and the > MD5 encrypted password to CGI . Firstly MD5 is not encryption, it's a hashing algorithm. Secondly if you want to communicate securely with a web application, either from another web application or from a PAM module, then you need to do more than just encrypt the password; look up TLS and SSL. > But I donʼt know how to modify my PAM config file to make it support > auth the MD5 password. By the sounds of it, if you are trying to communicate passwords between applications (I'd also suggest that this is never a very secure nor sensible way of doing things), then this has nothing to do with PAM. HTH Cheers, - Martin _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
