On Nov 29, 2007 2:22 PM, James G. Sack (jim) <[EMAIL PROTECTED]> wrote: > Gregory K. Ruiz-Ade wrote: > > On Nov 29, 2007, at 10:54 AM, James G. Sack (jim) wrote: > > > >>> For extra credit, how would one implement it when using LDAP or Kerberos > >>> for authentication? > >> > >> pam > > > > > > sorry, you missed the point. If we're already using LDAP or Kerberos > > authentication (which, yes, is a pam module), how do we store previous > > passwords when a user changes their password? > > > > Unless I'm missing your point, and you're telling me to write a pam > > module to do this. :) > > Yeah, I was in first-response mode, and thinking that a pam module could > be written to do many things auth-related, but now I'm kinda thinking I > was pretty far offtrack. Pam could play some part, I'm sure, but it > doesn't really directly address the stated problem.
<http://uranus.it.swin.edu.au/~jn/linux/redhatserver.htm> has a section on using PAM to deal with password re-use. The implication is that the modules are already there, but not particularly well publicised. carl -- carl lowenstein marine physical lab u.c. san diego [EMAIL PROTECTED] -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
