Date: Wed, 24 May 2000 15:19:54 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, "Andrey A. Chernov" <ache@FreeBSD.ORG>, Peter Wemm <peter@netplex.com.au>, Sheldon Hearn <sheldonh@uunet.co.za>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/crypto/openssh sshd_config Message-ID: <Pine.BSF.4.21.0005241518170.24095-100000@freefall.freebsd.org> In-Reply-To: <392C3E40.E0D8974D@vangelderen.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 May 2000, Jeroen C. van Gelderen wrote: > Not really, sshd just happens to do authentication. The real job > for sshd is to provide host authentication and a secure network > connection over which user authentication can take place. > > Since user authentication is needed by more than one program it > should live in it's own process. Right now there is code > duplication and it is impossible to change the authentication > policy without messing with sshd. This is precisely the point of PAM. Someone needs to PAMerize OpenSSH so we don't have duplicated kerberos/opie/password authentication code in there, although it might be annoying to maintain unless we can get the patches back-integrated. OTOH, hopefully OpenSSH is more stable against major code restructurings now that SSH2 support is in. Kris ---- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe <forsythe@alum.mit.edu> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005241518170.24095-100000>