Gary Winiger wrote:
> Darren,
>
>> That is exactly what it going on.
>>
>> Are you asking for pam_krb5 to only try once with the value of
>> PAM_AUTHTOK and not to ever prompt you again if that doesn't work ?
>> I think we could add a module option for that. The behaviour anoys
>> me as well :-)
Erich Weiler wrote:
> Hi Shawn (and opensolaris security community),
>
> What I'm about to mention is not related to the pam_krb5 bug we have
> been talking about but is a musing on the behavior of pam_krb5 in a
> different sense.
>
> I'm starting to think that pam_krb5 doesn't correctly accept
> I will call and mention this to my contract support guy. Is 6395124 the
> bug ID? Or should I refer to that number as something else?
> > Feel free to add a call record to 6395124. You should be able
> > to do that through the same mechanism you use for all your other
> > Sun ser
> While that was certainly the goal for the Solaris modules pam_krb5's
> hardcoded behaviour is equivalent to what you used to get with
> try_first_pass. I know we discussed this and I'm pretty sure it is
> documented why in the PSARC cases that approved the changes; I'll need
> to look it up
Of course I would prefer it to not try to validate twice when given a
bad password :) I understand what you are saying, thanks for clearing
that up.
I will call and mention this to my contract support guy. Is 6395124 the
bug ID? Or should I refer to that number as something else?
ciao, eri
> > My summary: No current service module prompts for a username or
> > password other than pam_authok_get(5) (and in the special case of
> > password change pam_passwd_auth(5)).
>
> If that is the case, do you have ideas as to what may be prompting me
> for my password twice for dtlo
> My summary: No current service module prompts for a username or
> password other than pam_authok_get(5) (and in the special case of
> password change pam_passwd_auth(5)).
If that is the case, do you have ideas as to what may be prompting me
for my password twice for dtlogin?
Darren,
> That is exactly what it going on.
>
> Are you asking for pam_krb5 to only try once with the value of
> PAM_AUTHTOK and not to ever prompt you again if that doesn't work ?
> I think we could add a module option for that. The behaviour anoys
> me as well :-)
> Please log a bug for this
> Are you asking for pam_krb5 to only try once with the value of
> PAM_AUTHTOK and not to ever prompt you again if that doesn't work ?
> I think we could add a module option for that. The behaviour anoys
> me as well :-)
> Please log a bug for this on http://bugs.opensolaris.org if that is
> what
Robert Bailey wrote:
>
> Does anyone know where there is some good install / configuration
> documentation for the new Trusted Extensions? I've gone over the
> included documentation, but I think I need do do a bit more reading
> when it comes to labeled zones.
I believe the install instruc
10 matches
Mail list logo
