[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: pam_krb5 and blank passwords.

From: Digant C Kasundra <digant stanford edu>
To: Pluggable Authentication Modules <pam-list redhat com>
Subject: Re: pam_krb5 and blank passwords.
Date: Tue, 13 Feb 2007 17:07:22 -0800

I'm not sure what the problem might be, but I can say I think there is abetter pam_krb5 module than the one that comes with RedHat:


<http://www.eyrie.org/~eagle/software/pam-krb5/>

--On Wednesday, February 07, 2007 3:03 PM +1000 Ian Mortimer<ian physics uq edu au> wrote:

We've been using this auth configuration to allow login with krb5 (AD)
or with a unix password:

auth        required      pam_env.so
auth        sufficient    pam_krb5.so
auth        sufficient    pam_unix.so use_first_pass
auth        required      pam_deny.so

The way this works has changed between pam-0.79 + pam_krb5-2.1.15
and pam-0.99.6.2 + pam_krb5-2.2.11.

Previously if a user had an AD account but no password set they
could not login with a blank password - now they can.  This
probably should be fixed in AD but I was wondering if there's a
way of doing it through pam.


Thanks
---
Ian

_______________________________________________
Pam-list mailing list
Pam-list redhat com
https://www.redhat.com/mailman/listinfo/pam-list

References:
- pam_krb5 and blank passwords.
  - From: Ian Mortimer

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]