[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Shadow Passwords

marekm@i17linuxb.ists.pwr.wroc.pl (Marek Michalkiewicz)  wrote on 31.01.96 in <199601312025.VAA02091@i17linuxb.ists.pwr.wroc.pl>:

> I know some people don't like shadow passwords.  Others (like me) don't like
> non-shadow passwords :-).  The best way to keep everyone happy is to make
> them optional and let the user decide...

Personally, I think the ideal solution to this will be PAM, which is  
currently in the process of getting implemented for Linux. This will allow  
you to have a config file where you specify just what sort of password  
handling (/etc/passwd, /etc/shadow, yp, Kerberos, S/key, Bruce's MD5,  
.rhost, what have you) you want to use with what program, without any need  
to recompile your programs once they know about PAM - just add another PAM  
module to handle your new scheme.

I have no idea how long the implementation will take, of course; but what  
I've seen from it looks good so far. And it's not Linux-only - it seems to  
have OSF origins.

I feel it's high time to get a unified way to do this, and I think PAM  
will be that unified way.



Mailing list linux-pam@mit.edu - ask Theodore Ts'o (tytso@mit.edu).

MfG Kai

Reply to: