[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: "login classes"
From:       guido () gvr ! win ! tue ! nl (Guido van Rooij)
Date:       1996-07-31 8:21:49
[Download RAW message or body]

> 
> (Basicly, the reason I want this is because I want to be able to use S/Key.
> However, I don't like having a seperate account name for that.  The login
> classes allow you to specify something like, "sef:skey" at the login:
> prompt, and login will then use S/Key instead of the default mechanism.  It
> also removes all password and/or authentication from the login program
> proper, relying on /usr/libexec/auth_* -- e.g., /usr/libexec/auth_passwd and
> /usr/libexec/auth_skey.)
> 

This would break the current way of dealing with skeys: now you can
specify when ppl are obligated to use S/Keys. With your scheme
it will no longer be possible (at least I think so).
Have you made your `normal' authentication in such a way that somehow
the etc/skey.access file is still horoured?

-Guido

[prev in list] [next in list] [prev in thread] [next in thread]