[ale] pam vs. shadow passwords

[Matthew Brown]

This raises a good question with me...

Does anyone know of a database-driven authentication system?  I hope this
isn't a RT*M question, but since the default is to use a rather unsecure
ASCII file, I thought I'd ask.  Sure would be nice.

-Matthew Brown
cordata.net

----- Original Message -----
 From: Michael H. Warfield <mhw at wittsend.com>
To: <chiang at nwisgw3.ic.ornl.gov>
Cc: <ale at ale.org>
Sent: Tuesday, February 02, 1999 10:20 AM
Subject: Re: [ale] pam vs. shadow passwords


>Lisa Chiang enscribed thusly:
>> Can anyone explain the difference between these two methods?
>
>> I know that Redhat uses pam to control access to xdm etc... but where is
the
>> Suse equivalent? Does pam create encrypted user passwords like shadow or
are
>> they mutually exclusive?
>
> PAM, or plugable authentication modules, is a way to "plug-in" or
>change authentication systems without recompiling programs.  PAM itself
>is merely an archetecture on which to hang things like NIS, NIS+, Kerberos,
>and Shadow Passwords.  The idea then is that if you want to change your
>authentication method from standard passwords to shadow passwords, you
>convert your files and the reconfigure the pam modules.  All of your
>"pamified" applications then automagically start using the new
authentication
>method.  Shadow passwords are only one of those methods...  So you could
say
>that shadow passwords are a subset or a service of PAM.   You can also have
>applications with something like shadow passwords hard linked, but then
>you can't switch without replacing libraries or recompiling apps.
>
>> Thanks.
>>
>> --
>> Lisa Chiang
>> Georgia Institute of Technology
>> gt6492d at gatech.campuscwix.net
>>
>
>
>--
> Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
>  (The Mad Wizard)      |  (770) 925-8248   |  http://www.wittsend.com/mhw/
>  NIC whois:  MHW9      |  An optimist believes we live in the best of all
> PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!