Re: LDAP breaks kcheckpass when not setuid root (#298148)

To: debian-devel@lists.debian.org
Subject: Re: LDAP breaks kcheckpass when not setuid root (#298148)
From: Josselin Mouette <joss@debian.org>
Date: Mon, 07 May 2007 15:10:10 +0200
Message-id: <[🔎] 1178543410.30382.46.camel@silicium.ccc.cea.fr>
In-reply-to: <[🔎] 200705070957.54744.russell@coker.com.au>
References: <[🔎] 20070504112317.GA6069@laptux.workaround.org> <[🔎] 20070504222317.GD32489@miami.connexer.com> <[🔎] 20070505061336.GG3066@p12n.org> <[🔎] 200705070957.54744.russell@coker.com.au>

Le lundi 07 mai 2007 à 09:57 +1000, Russell Coker a écrit :
> On Saturday 05 May 2007 16:13, Peter Samuelson <peter@p12n.org> wrote:
> > [Roberto C. Sánchez]
> >
> > > You mean that the passwords go in the clear?
> >
> > Yes, unless you are securing the entire LDAP session, using SSL.
> 
> Does the pam_ldap module allow you to store the SSL key for the server or 
> authenticate the server with a certificate?

tls_checkpeer yes
tls_cacertfile /path/to/certificate

-- 
 .''`.
: :' :      We are debian.org. Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

Reply to:

References:
- LDAP breaks kcheckpass when not setuid root (#298148)
  - From: Christoph Haas <haas@debian.org>
- Re: LDAP breaks kcheckpass when not setuid root (#298148)
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: LDAP breaks kcheckpass when not setuid root (#298148)
  - From: Peter Samuelson <peter@p12n.org>
- Re: LDAP breaks kcheckpass when not setuid root (#298148)
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: spam from bugs.debian.org
Next by Date: Re: Bug#422423: ITP: libtool-cvs -- Generic library support script - CVS snapshot
Previous by thread: Re: LDAP breaks kcheckpass when not setuid root (#298148)
Next by thread: Re: LDAP breaks kcheckpass when not setuid root (#298148)
Index(es):
- Date
- Thread