Re: How to save a copy of user's input password?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Jul 21, Andy wrote:

> On Tue, Jul 21, 2009 at 1:53 PM, Thorsten Kukuk<kukuk@xxxxxxx> wrote:
> > On Tue, Jul 21, Andy wrote:
> >
> >> Hi all,
> >> My pam version is 1.1.0, I use it to authenticate users.
> >> My case is, when pam finished it's auth, that is after
> >> pam_authenticate(pamh, o) & pam_acct_mgmt(pamh, 0),
> >> I want to save a copy of user's password if it's valid, but I can not
> >> find any API to fulfill my needs.
> >> I tried pam_get_item(pamh, PAM_AUTHTOK, (const void
> >> **)&copy_of_passwd), but it returns a "bad item passed to
> >> pam_*_item()", now I have no idea. :(
> >
> > As written in the documentation, this is not possible. And
> > as your application does not know in which form the authentication
> > was done, it doesn't make sense, too. Who says that a password
> > was used for authentication? The admin could have decided to
> > use finger prints instead or whatever else.
> >
> 
> But now, in PAM, "pam_authenticate(...)" function gives a promt
> "Password:" to let the user type in a password,

One of the configured PAM modules is asking that, but you can
always replace that module with something different.

> we really have no way to get a copy of user's input ?

No, there is not. Read the documentation.

> I saw some code in google, something like below:

That's code for a PAM module, not a PAM aware application.

> I guess this may try to retrieve a copy of  authtok(password ??), but
> now ( version1.1.0 ), PAM_AUTHTOK seems not be supported anymore.

Not anymore, it was never.

You should really start reading the PAM documenation, especially
the application writer guide.

  Thorsten

-- 
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux