[ale] pam vs. shadow passwords
Matthew Brown
matthew.brown at cordata.net
Tue Feb 2 23:18:38 EST 1999
I can one-up you on the dumb-foundedness...
What's NIS/NIS+? I keep hearing it.
Also, I am not so much worried about the ASCII file thing now that I think
about it - I am really looking for something that will handle far more than
you could do in a file-based mechanism.
I need to achieve something in the 100's of thousands as far as a rough
order of magnitude, so a dB would be the thing, but I also need something to
interface naturally with the O/S. This is one reason I am looking into
Linux, because the natural NT mechanisms - SAM's/NTLM start thrashing (I
hear) around 15-20k users.
Anyway, I really appreciate the input! I think writing an auth mechanism
would be over my head right now, though.
Best regards,
-Matthew Brown
cordata.net
-----Original Message-----
From: Dan Newcombe <Newcombe at mordor.clayton.edu>
To: Matthew Brown <matthew.brown at cordata.net>
Cc: ALE <ale at ale.org>
Date: Tuesday, February 02, 1999 8:56 PM
Subject: Re: [ale] pam vs. shadow passwords
>On Tue, 2 Feb 1999, Matthew Brown wrote:
>> Does anyone know of a database-driven authentication system? I hope this
>> isn't a RT*M question, but since the default is to use a rather unsecure
>> ASCII file, I thought I'd ask. Sure would be nice.
>
>RTFM should never be an answer to a question. Anyway, the shadow stuff
>helps to get around that "rather unsecure" ascii file. But, with PAM, you
>should be able to write a module to interface with your favourite database
>system, or even implement your own.
>
>The nice thing about weak old text files is that a database is easier to
>hose, and if that goes, good luck logging in :)
>
>But what do I know - I'm still dumbstruck there is no NIS+ server for NT
>Domains.
More information about the Ale
mailing list