[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: kerberos support in ssh/lsh
>>>>> "GOMBAS" == GOMBAS Gabor <email@example.com> writes:
GOMBAS> Let me argue that. The interface of PAM is not
GOMBAS> brain-damaged at all. It is designed to provide
GOMBAS> _interactive_ _password-based_ authentication
GOMBAS> services. It's quite true however that the SSH protocol
GOMBAS> does not support interactive authentication at all (at
GOMBAS> least the 1.x versions do not; I haven't looked at the 2.0
GOMBAS> protocol closely yet). By saying that I mean that the SSH
GOMBAS> protocol cannot be dynamically extended with message types
GOMBAS> the client does not know about before - and that's what
GOMBAS> PAM does...
How does openssh deal with this problem?
Brian May <firstname.lastname@example.org>