Re: Shadow Passwords
marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz) wrote on 31.01.96 in <199601312025.VAA02091@i17linuxb.ists.pwr.wroc.pl>:
> I know some people don't like shadow passwords. Others (like me) don't like
> non-shadow passwords :-). The best way to keep everyone happy is to make
> them optional and let the user decide...
Personally, I think the ideal solution to this will be PAM, which is
currently in the process of getting implemented for Linux. This will allow
you to have a config file where you specify just what sort of password
handling (/etc/passwd, /etc/shadow, yp, Kerberos, S/key, Bruce's MD5,
.rhost, what have you) you want to use with what program, without any need
to recompile your programs once they know about PAM - just add another PAM
module to handle your new scheme.
I have no idea how long the implementation will take, of course; but what
I've seen from it looks good so far. And it's not Linux-only - it seems to
have OSF origins.
I feel it's high time to get a unified way to do this, and I think PAM
will be that unified way.
References:
http://www.pilgrim.umass.edu/pub/osf_dce/RFC/rfc86.0.txt
Mailing list linux-pam@mit.edu - ask Theodore Ts'o (tytso@mit.edu).
MfG Kai
Reply to: