[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security trough paranoia

On 2 Apr 2001, Brian May wrote:

>     Steve> pam_smbpass is also now available in unstable as libpam-smbpass.
>     Steve> Unfortunately, it looks as though it'll take some work yet before
>     Steve> pam_krb5_migrate will build cleanly against Debian.

> What problems have you had?

> Have you tried compiling against MIT Kerberos or Heimdal (both are now
> in Debian)?

pam_krb5_migrate uses a (nominally :) public interface which isn't exposed in
the current MIT Kerberos packages.  I'm working with Sam Hartman to resolve
this issue (and others).

I've not tested pam_krb5_migrate against Heimdal; it may work, although owing
to the incompatible remote administration (kadmin) protocols, it won't work
from an MIT client to a Heimdal server or vice versa in the foreseeable

Steve Langasek
postmodern programmer

Reply to: