Jason Hellenthal <[email protected]> writes: > security/pam_jail A PAM module dropping users in jails after login > security/pam_krb5 A Pluggable Authentication Module for Kerberos5
We already have that. > security/pam_ldap A pam module for authenticating with LDAP Not going to happen, since we don't have LDAP in base. > security/pam_mkhomedir Create HOME with a PAM module on demand > security/pam_p11 A PAM module using crypto tokens for auth > authenticate against Unix PAM Requires a PKCS11 implementation in base. I never finished the one I started on... > security/pam_pwdfile A pam module for authenticating with flat passwd > files > security/pam_require A PAM module for restricting access based on unix > group or username What does this do that pam_group doesn't? > security/pam_smb NetBIOS domain logon PAM module Apparently requires Perl to run, although this may be a bug in the port > security/pam_ssh_agent_auth PAM module which permits authentication via > ssh-agent > sysutils/pam_mount A PAM that can mount volumes for a user session That leaves us with the following candidates: - pam_jail - pam_mkhomedir - pam_mount - pam_pwdfile - pam_ssh_agent_auth and possibly also - pam_require - pam_smb Note that pam_mkhomedir and pam_mount can be implemented using pam_exec (possibly with some improvements) and scripts. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
