[ale] pam vs. shadow passwords

[Matthew Brown]

I can one-up you on the dumb-foundedness...

What's NIS/NIS+?  I keep hearing it.

Also, I am not so much worried about the ASCII file thing now that I think
about it  - I am really looking for something that will handle far more than
you could do in a file-based mechanism.

I need to achieve something in the 100's of thousands as far as a rough
order of magnitude, so a dB would be the thing, but I also need something to
interface naturally with the O/S.  This is one reason I am looking into
Linux, because the natural NT mechanisms - SAM's/NTLM start thrashing (I
hear) around 15-20k users.

Anyway, I really appreciate the input!  I think writing an auth mechanism
would be over my head right now, though.

Best regards,
-Matthew Brown
cordata.net
-----Original Message-----
 From: Dan Newcombe <Newcombe at mordor.clayton.edu>
To: Matthew Brown <matthew.brown at cordata.net>
Cc: ALE <ale at ale.org>
Date: Tuesday, February 02, 1999 8:56 PM
Subject: Re: [ale] pam vs. shadow passwords


>On Tue, 2 Feb 1999, Matthew Brown wrote:
>> Does anyone know of a database-driven authentication system?  I hope this
>> isn't a RT*M question, but since the default is to use a rather unsecure
>> ASCII file, I thought I'd ask.  Sure would be nice.
>
>RTFM should never be an answer to a question.  Anyway, the shadow stuff
>helps to get around that "rather unsecure" ascii file.  But, with PAM, you
>should be able to write a module to interface with your favourite database
>system, or even implement your own.
>
>The nice thing about weak old text files is that a database is easier to
>hose, and if that goes, good luck logging in :)
>
>But what do I know - I'm still dumbstruck there is no NIS+ server for NT
>Domains.