Date: Wed, 10 Jun 1998 20:22:09 +0100 From: Dom Mitchell <dom@myrddin.demon.co.uk> To: "Matthew N. Dodd" <winter@jurai.net> Cc: The Hermit Hacker <scrappy@hub.org>, Wm Brian McCane <root@bmccane.maxbaud.net>, isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty Message-ID: <E0yjqRl-0000I9-00.qmail@myrddin.demon.co.uk> In-Reply-To: "Matthew N. Dodd"'s message of "Tue, 9 Jun 1998 16:24:21 -0400 (EDT)" References: <Pine.BSF.3.96.980609143102.17992E-100000@sasami.jurai.net>
next in thread | previous in thread | raw e-mail | index | archive | help
"Matthew N. Dodd" <winter@jurai.net> writes: > Touching on this subject was a previous discussion of policy based login > handeling. (when/where/method based restrictions) > > Was there ever a design proposal submited? > > We have a number of different combinations to resolve and a solution that > is configurable not unlike IPFW (rule chains) might be a win. [snip] > We've got a number of different authentication systems to choose from as > well (and must take into account their needs.) > > - flatfile username/password (normal, default fallback etc) > - YP/NIS > - NIS+ > - S/Key > - .rhosts > - RSA (via ssh) > - Kerberos 4 > - Kerberos 5 > - Radius > - LDAP? > - External database/flatfile etc? > - ACE/SecureID Really, what we're looking at here, is something like Solaris' /etc/nsswitch.conf. However, that does bring a whole baggage of shared library gumph with it, even though it is highly configurable. It's probably something that is worth having, regardless. -- "Every minute there's a UNIX system crashing somewhere." -- DJB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0yjqRl-0000I9-00.qmail>