[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Non-interactive password check

> > On session start the user sends his login name and the password for the
> > remote account. I want to check the authenticity by something like
> > trying to ssh into the remote account and immediately logout again.  The
> > unix user doing this is the owner of the apache process.
> 
> 
> If this is the only time you'll ever want to authenticate users outside 
> of account login, this hack will work. If you want a solution that 
> scales (so that one day your users can be authenticated by mail and web 
> servers, web applications, anything...), use LDAP.

Thanx for your answers so far.

I have to specify my situation more precisely:

Working in the student represention of a university I'm implementing a
printing service (a student make a selection of old exams and the like
that will be treated as an order and printed out). Since all our
students have a UNIX account in the university network we decided to not
maintain user passwords on _our_ server but use the existing university
accounts and "connect" them with our users. (The users don't have to
remember one more password (for a relatively rarely used service) and we
don't have to bother with the inevitable "I forgot my password.")

Since I have no administrative access to the university servers LDAP
doesn't seem to be an alternative. Given that ssh is the only access
method in question is there any way (or ssh'ish program) to avoid the
use of something like ExpectPy (expectpy.sourceforge.net)?

Stony
Reply to: