[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 2/3] gnu: pam_unix.so Add use_first_pass option.
From: |
John Darrington |
Subject: |
Re: [PATCH 2/3] gnu: pam_unix.so Add use_first_pass option. |
Date: |
Fri, 28 Oct 2016 07:22:32 +0200 |
User-agent: |
Mutt/1.5.23 (2014-03-12) |
On Thu, Oct 27, 2016 at 02:51:02PM +0200, Ludovic Court??s wrote:
>
> On its own it does nothing. It makes more sense in context with the
other patch I sent.
> With this option in place, one can extend the unix-pam-service with
another pam service
> (such as krb5-pam), and if the krb5 authentication fails (for example
because I am not
> at work) then the password I gave will be presented to the regular
pam_unix login.
> I won't be prompted for it again.
In that case, instead of hardcoding ???use_first_pass??? here, would it be
possible for the pam-krb5 service to extend ???pam-root-service-type???
with
a procedure that automatically adds ???use_first_pass??? where needed?
I will look into it. But almost any other pam module will want to do the same
- at least
any other which uses passphrase based authentication. So I thought why put the
onus on
every other module to do this?
J'
--
Avoid eavesdropping. Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3
fingerprint = 8797 A26D 0854 2EAB 0285 A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.
signature.asc
Description: Digital signature
[PATCH 3/3] gnu: Add pam-krb5 service., John Darrington, 2016/10/22