Future of kerberised telnet, login, rsh, ftp?

James F. Hranicky jfh at cise.ufl.edu
Fri Jul 8 13:56:37 EDT 2005

On Thu, 07 Jul 2005 10:01:40 -0400
Ken Hornstein <kenh at cmf.nrl.navy.mil> wrote:

> That aside ... in general, I've found that the less code I need to
> maintain, the less work I have to do.  If I have to maintain a PAM
> module for some systems and my own wacky crap for other systems, to me
> that's more work for what I can tell is zero gain.  If we were a
> Linux-only shop, it would be a different call.

Is your wacky crap downloadable? 

Right now I can get kdm to do all the PAM prompts using a modified Cusack
module, with the exception of the password change prompts (somewhere 
something, I think PAM itself, is apparently trying to turn off echo 
on a terminal which causes an internal error).

I have an old kerberized version of xdm, but it doesn't seem to do prompts

Now that I have a unified auth DB (heimdal/samba/openldap), all the terminal 
based programs and even Windows prompt properly for password changes. It'd
be nice to have it with xdm/kdm as well, but I could probably live without 


More information about the krbdev mailing list