From owner-freebsd-security@FreeBSD.ORG Fri Sep 16 21:54:15 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 003E1106564A for ; Fri, 16 Sep 2011 21:54:14 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) by mx1.freebsd.org (Postfix) with ESMTP id DA4C48FC13 for ; Fri, 16 Sep 2011 21:54:14 +0000 (UTC) Received: from delta.delphij.net (drawbridge.ixsystems.com [206.40.55.65]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by anubis.delphij.net (Postfix) with ESMTPSA id A2603141B3; Fri, 16 Sep 2011 14:54:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=delphij.net; s=anubis; t=1316210054; bh=Crq0+DeJ3T3xhlzHvBN4vziLNRf3VLjqF/SweA2c8rg=; h=Message-ID:Date:From:Reply-To:MIME-Version:To:CC:Subject: References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=aRE08gAIQD5chyf4pFyKSemTf38CiSWYDVIqfWWQ95VK9i8nH1wcDZLWNcGzylXO4 aONXq5sTImHStRKq628ADbWeKanjnJYNKw2hmeaYk+bgAhTg5y9FgxxQzNTt9B+2sx Jaiw/hzdogGek8BZO57d80dpe4yfz5K0lUN5uwBg= Message-ID: <4E73C583.7060408@delphij.net> Date: Fri, 16 Sep 2011 14:54:11 -0700 From: Xin LI Organization: The FreeBSD Project MIME-Version: 1.0 To: Mark Felder References: <86boukbk8s.fsf@ds4.des.no> <4E738794.4050908@delphij.net> In-Reply-To: OpenPGP: id=3FCA37C1; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org Subject: Re: PAM modules X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Sep 2011 21:54:15 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09/16/11 10:39, Mark Felder wrote: > On Fri, 16 Sep 2011 12:29:56 -0500, Xin LI wrote: > >> LDAP? (We do currently have some work on LDAP integration but not >> sure if the community would be interested -- this would need an import >> of stripped down OpenLDAP) and modifies OpenSSH to support public key >> in LDAP directory. > > All of this would be greatly appreciated by myself and my fellow coworkers. I can publish the source code but note that it's for FreeBSD 8.2 and OpenLDAP needs to be updated. Changes are moderately intrusive but is in a manageable shape, it's used in production at a company who wishes to remain anonymous (the work is mostly putting together several open source models, fix bugs and they have assigned a delegate for copyright to license it under compatible license). I need to find some time to adapt the code to -HEAD and call for feedback. Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iQEcBAEBCAAGBQJOc8WDAAoJEATO+BI/yjfB9p4IAIT82Z8I+6jkhyhCL/wbcXQk KPAfpuPQCUjn1Lm2C/UUgWdBO17SYzBJUlyt1FJuDctGab18mJgvWMvjb+cUgXKH lfcxUdmBxkhwwTSE7EfB4qLphn28si67INOZN3xSVzyXuxGTqwXcO5fJlbJly77B nNS8JUu3X9tjMwGHwOWjG7R6n/bEdsmJUdWtMT2t3B6thFsStgqshTnKoBs18vPN vWdY7vdX3Mco1kjLTGoq3DZUxZyBxn75IvSSpvFLtn4T4YT22U2V0KY5h1JUsz9q MVQGLpUpudyFI8T+rzbQR3yxtv7gqgumlIuYpjF9rP0FtoQDcB2vRlMzAqM5j1o= =m5hN -----END PGP SIGNATURE-----