KerberosV OpenLDAP and PAM

To: debian-security@lists.debian.org
Subject: KerberosV OpenLDAP and PAM
From: Matthijs Mohlmann <matthijs@active2.homelinux.org>
Date: 30 Aug 2003 23:06:50 +0200
Message-id: <[🔎] 1062277610.28540.10.camel@Active2>

ey all,

I use for authentication KerberosV. For all types of data i use OpenLDAP
and for login on into a computer on a network i use PAM.

When i use KerberosV then i do so:
auth  requisite  pam_securetty.so
auth  requisite  pam_nologin.so
auth  required   pam_env.so
auth  sufficient pam_krb5.so
auth  required   pam_unix.so nullok
account  sufficient      pam_krb5.so
account  required        pam_unix.so
session  sufficient      pam_krb5.so
session  required        pam_unix.so

When i use Pam then i do so:
auth  requisite  pam_securetty.so
auth  requisite  pam_nologin.so
auth  required   pam_env.so
auth  sufficient pam_ldap.so
auth  required   pam_unix.so nullok
account  sufficient      pam_ldap.so
account  required        pam_unix.so
session  sufficient      pam_ldap.so
session  required        pam_unix.so

Now i want this together. But i don't know how. I've read the
documentation from PAM but i don't get it.

What i want is the security of KerberosV and the Flexibility of
OpenLDAP.

My configuration is now that in OpenLDAP is a attribute userPassword and
this attribute points to the KerberosV database.

And if it can't i make tomorrow my own PAM module :)

Reply to:

Follow-Ups:
- Re: KerberosV OpenLDAP and PAM
  - From: Cajus Pollmeier <c.pollmeier@gmx.net>
- Re: KerberosV OpenLDAP and PAM
  - From: Stephen Frost <sfrost@snowman.net>

Prev by Date: loggin with iptables, syslog problem
Next by Date: Re: KerberosV OpenLDAP and PAM
Previous by thread: Re: loggin with iptables, syslog problem
Next by thread: Re: KerberosV OpenLDAP and PAM
Index(es):
- Date
- Thread