| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
lo, |
| 5 |
|
| 6 |
On Tuesday 17 January 2006 14:32, Paweł Madej wrote: |
| 7 |
> At this moment I use standard autentication. |
| 8 |
|
| 9 |
No such thing. You mean you are using the authentication that Gentoo uses with |
| 10 |
a default style installation. |
| 11 |
|
| 12 |
> I already don't have any |
| 13 |
> plan of changing passwords, |
| 14 |
|
| 15 |
Then why are you worried about strong passwords? |
| 16 |
|
| 17 |
> but want implement some good solution. |
| 18 |
> Already user can manage its passwords via passwd command. Is PAM secure |
| 19 |
> thing? Because I heard very different opinions about it, once that it is |
| 20 |
> great, once that it could make big security hole. |
| 21 |
|
| 22 |
PAM is by far the best authentication mechanism around for unix imo. If you |
| 23 |
don't use something like PAM, then when you want to integrate say openldap, |
| 24 |
you'd have to manually hack every part of the login procedure to do ldap |
| 25 |
support, likewise for securID etc etc. With pam you get a mechanism that all |
| 26 |
authentication processes can hook into, ie an universal interface. PAM is |
| 27 |
like most things, you can take the time to make it as secure as you need it |
| 28 |
to be, I don't believe that it has any major problems at this point in time. |
| 29 |
|
| 30 |
- -- |
| 31 |
- -- |
| 32 |
Benjamin Smee (strerror) |
| 33 |
crypto/forensics/netmail/netmon |
| 34 |
-----BEGIN PGP SIGNATURE----- |
| 35 |
Version: GnuPG v1.9.20 (GNU/Linux) |
| 36 |
|
| 37 |
iD8DBQFDzSStAEpm7USL54wRAkWCAJ9VzT5cSfa1U4XOIPhpxrHW6RdpDQCeOpQA |
| 38 |
yUeWVsDLie/bU+MkgF3MuS8= |
| 39 |
=vftg |
| 40 |
-----END PGP SIGNATURE----- |
| 41 |
-- |
| 42 |
gentoo-server@g.o mailing list |
Archives