re: How auth the md5 password using pam

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> I have developed a PHP application using  PAM auth , and whose config
> file in the /etc/pam.d is :
> 
>  
> 
> #%PAM-1.0
> 
> auth       required     pam_stack.so service=system-auth
> 
> auth       required     pam_nologin.so
> 
> account    required     pam_stack.so service=system-auth

You may also want to post the contents of /etc/pam.d/system-auth, seeing
as this uses it.
 
> I will send the username and password to a CGI program written by C
> language modules and PAM APIs.
Sorry; it's not clear (at least to me) what you mean.  Does your PHP
application send the password to the C CGI program which then performs
the authentication using PAM.  Or does the user send the password to the
C CGI program which performs the integration using PAM - if so what does
the PHP app have to do with it?

> Now I want to encrypt the password with md5, and send username and the
> MD5 encrypted password to CGI .
Firstly MD5 is not encryption, it's a hashing algorithm.  Secondly if
you want to communicate securely with a web application, either from
another web application or from a PAM module, then you need to do more
than just encrypt the password; look up TLS and SSL.

> But I donʼt know how to modify my PAM config file to make it support
> auth the MD5 password.
By the sounds of it, if you are trying to communicate passwords between
applications (I'd also suggest that this is never a very secure nor
sensible way of doing things), then this has nothing to do with PAM.

HTH

Cheers,
 - Martin



_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux