guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/3] gnu: pam_unix.so Add use_first_pass option.


From: John Darrington
Subject: Re: [PATCH 2/3] gnu: pam_unix.so Add use_first_pass option.
Date: Fri, 28 Oct 2016 07:22:32 +0200
User-agent: Mutt/1.5.23 (2014-03-12)

On Thu, Oct 27, 2016 at 02:51:02PM +0200, Ludovic Court??s wrote:
     >
     > On its own it does nothing.  It makes more sense in context with the 
other patch I sent.
     > With this option in place, one can extend the unix-pam-service with 
another pam service
     > (such as krb5-pam), and if the krb5 authentication fails (for example 
because I am not
     > at work) then the password I gave will be presented to the regular 
pam_unix login. 
     > I won't be prompted for it again.
     
     In that case, instead of hardcoding ???use_first_pass??? here, would it be
     possible for the pam-krb5 service to extend ???pam-root-service-type??? 
with
     a procedure that automatically adds ???use_first_pass??? where needed?
     

I will look into it.  But almost any other pam module will want to do the same 
- at least
any other which uses passphrase based authentication.  So I thought why put the 
onus on 
every other module to do this?


J'

-- 
Avoid eavesdropping.  Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3 
fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.

Attachment: signature.asc
Description: Digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]