Cyrus IMAP Presentation
Henrique de Moraes Holschuh
hmh at debian.org
Sun Sep 22 13:27:43 EDT 2002
On Sun, 22 Sep 2002, Mathieu Arnold wrote:
> --On dimanche 22 septembre 2002 12:27 -0400 Ken Murchison <ken at oceana.com>
> wrote:
>
> > Quoting Eric Estabrooks <eric at urbanrage.com>:
> >
> >> It should be possible to write a pam module (or extend an existing one)
> >> to include other mechanisms beside plain, if like you said you had plain
> >
> > My understanding of PAM is that you can't retrieve the password. You
> > simply pass it a user, password and service and PAM tells you whether it
> > is correct/allowed or not. I haven't checked the PAM API, so maybe
> > there is a way.
>
> that is true, you can only give it a login and a *plain text* password,
> then, pam checks for its validity, so, you cannot do digests auth. I
> maintain the pam-pgsql freebsd port, and I can tell you that I've been
> debugging it enough to know that :)
How does libpam-opie and openssh manage to do challenge-response auth
through the PAM layer, then?
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
More information about the Info-cyrus
mailing list