Date: 03 Oct 2002 20:08:51 -0400 From: David Magda <dmagda@number6.dyndns.org> To: "Jamie Heckford" <jamie@jamiesdomain.org.uk> Cc: <freebsd-stable@FreeBSD.ORG> Subject: Re: sshd_config vs. PAM Message-ID: <864rc3f4ks.fsf@number6.magda.ca> In-Reply-To: <002e01c26873$3d717a50$3264a8c0@BONG> References: <200209272135.g8RLZ3We005877@arch20m.dellroad.org> <002e01c26873$3d717a50$3264a8c0@BONG>
next in thread | previous in thread | raw e-mail | index | archive | help
"Jamie Heckford" <jamie@jamiesdomain.org.uk> writes: > I would very much like to see ssh completely detached from PAM, and > have the PAM ties as an option you have to enable as opposed to it > being the default. I disagree. Everything should use PAM by default. It's why it was invented: so that all authentication goes through one mechanism. If you then want to add/take away something, you only have to do it in one place. If, as a matter of policy/preference, you want to change things locally there should be a make.conf setting of some kind. What other exceptions should be made with regards to PAM? xdm(1) perhaps? telnetd(8)? -- David Magda <dmagda at ee.ryerson.ca> Because the innovator has for enemies all those who have done well under the old conditions, and lukewarm defenders in those who may do well under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?864rc3f4ks.fsf>