Getting the password in a preauth plugin

Yair Yarom irush at
Thu Apr 19 04:07:18 EDT 2012

Nathaniel McCallum <npmccallum at> writes:

>> My preauth plugin is based on Nordberg's FAST OTP plugin.
> That project is dead, but has been folded into AuthHub:
> I would avoid using it as a base. You could do the same thing as an
> AuthHub plugin with a lot less work.

Yes, I know. I already looked at AuthHub some time ago but as I've
already worked on the fast-otp plugin, it seemed too much work to start
learning the authhub code architecture. Though it's on my todo list to
recheck it and maybe convert my plugin to an authhub plugin. Note that
my kdc will need to run on FreeBSD and Linux, and the client will need
to be Linux, FreeBSD and maybe Mac OS X, and IIRC I had some
dependencies issues with authhub there (but things might have changed in
the meantime).

And, it won't solve my "use current password" problem...

> I don't think there is a good solution to this problem.

Unless there are security issues, I could ask the kdc developers to
consider adding a get password callback :)


More information about the krbdev mailing list