|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
4.x, PAM, password facility
From: Charles Sprickman (spork
inch.com)
Date: Fri Jun 18 2004 - 15:26:19 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
I've been playing around with pam_mysql, and have it working for
interactive logins (backed by /etc/passwd entries for uid/gid w/*'d
password field) and it works well so far.
Looking at the source to the module, it does support password changing.
So I put in the following entry in pam.conf:
sshd password required pam_mysql.so user=root db=pam table=users crypt=1
However, it doesn't seem to hit the module at all for password changes. I
also noticed the default line is like so:
sshd password required pam_permit.so
I would have expected a "pam_unix.so" there instead. Is the password
facility implemented in 4.x?
And since I know there's someone lurking here that knows this, is there
any way to have OpenSSH deny a login when a user has key-based auth setup
on their account? I never found a good way to take care of that; changing
the shell, etc. is a bit awkward.
Thanks,
Charles
--
Charles Sprickman
sporkinch.com
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]