|
| From: | Brian Murphy |
| Subject: | Re: PAM Patch (was Re: authenticating cvs against ldap) |
| Date: | Thu, 17 Jul 2003 23:35:04 +0200 |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030529 |
Derek Robert Price wrote:
Derek Robert Price wrote:Brian Murphy wrote:Can anyone on the list enlighten me as to why [my PAM patch] is not applied?Because I'm the only developer interested enough to try it and I've been very busy and haven't managed to get around to it despite the best of intentions.Okay, your patch applies and compiles fine and I'm testing it now, but now that I finally read through the patch properly, I have a few concerns.1. Your patch needs a ChangeLog entry.
Has been sent.
2. It would be nice to support OTPs. I'm thinking that a server which received an empty password could send a "send me a real password" to a properly equipped client. I don't need to see this yet, though.
Yes - the best way to do this is to have PAM communicate directly with the client - not in the hackish way it works now. This is however complicated but would be very nice when
completed. I would be willing to make a stab at this.
3. I think I would also like future clients to accept a "-p" option to always request the password from the command line rather than looking in ~/.cvspass so that users have the option to use a password not either stored in ~/.cvspass or passed in on the command line. I will write this soon.
This should not be too bad to impliment. I'm not sure how many will be willing to use it though.
It's hard to get used to inconvenience. /Brian
| [Prev in Thread] | Current Thread | [Next in Thread] |