Commit Graph

22 Commits

Author SHA1 Message Date
Maxim Sobolev
0102b6496c Add entries for GDM (GNOME Display Manager).
MFC after:	3 days
2001-11-26 16:55:40 +00:00
Mark Murray
92678c2908 Make rsh(d) more secure (Hah!) by not defaulting PAM to promiscuously
accepting connections.

Add KDE entries.

Committed From:	BSDConEU Terminal Room
2001-11-10 14:23:07 +00:00
Mark Murray
9858c058b9 Remove (commented out) use of pam_ssh where it won't work. 2001-10-01 17:05:32 +00:00
Mark Murray
17a6c94473 Tidy, reorder and adjust to more correctly reflect FreeBSD default
policy.
2001-08-26 18:15:32 +00:00
Mark Murray
e95927c133 Add no_warn option to the "auth" lines. Minor tidy-up as well. 2001-08-15 20:12:27 +00:00
Mark Murray
caa78f33ed Add OPIE examples.
Tidy up columns.

Fix pam_wheel options.
2001-07-14 08:46:56 +00:00
Mark Murray
6de0745666 Extend the su(1) example to take into account recent options to give
a more BSD flavour.
2001-06-04 19:52:36 +00:00
Mark Murray
6b4a8181a4 Improve and extend. Use new modules to set policy, and provide another
example for WHEELSU-type su(1).
2001-05-26 09:56:17 +00:00
Nick Sayer
76235b992b Add PAM support to SRA authentication. Cribbed mostly from ftpd. This
doesn't solve the problem of root being allowed to log in, but that sort
of thing is something PAM should be doing anyway.
2001-05-07 20:38:39 +00:00
Brian Feldman
5e5719688a Label the OpenSSH section, then add a small explanation for the existence
of the non-typo "csshd" service.

Prodded by:	markm
Reviewed by:	markm, dwhite, rwatson
2001-04-06 05:52:53 +00:00
Brian Feldman
18c8b827c6 Attempt to support TIS auth by default in the SSHD by providing a
"csshd" requirement of the S/KEY PAM module.
2001-03-30 00:11:33 +00:00
Mark Murray
5bc9d93db3 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
Robert Watson
6a56450bfb o Reinstate Kerberos IV support for sshd when MAKE_KERBEROS4 is
compiled in.  This involves a commented out sshd line to match the
  remainder of the commented out pam_kerberosIV.so entries.  This
  doesn't quite restore the correct behavior, as ticket files are
  not managed properly, but it's an improvement.

Forgotten by: green
2001-02-03 02:09:20 +00:00
Brian Feldman
94193b581b Update for OpenSSH 2.3.0. 2000-12-05 03:01:33 +00:00
Ruslan Ermilov
6f1214d918 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00
Ruslan Ermilov
8df6e02eef The final entry should be required', not sufficient'. 2000-09-21 07:47:36 +00:00
Yoshinobu Inoue
01e65cd554 Add ftpd entries into /etc/pam.conf.
S/Key authentication for ftpd was not working due to ftp implementation and
  /etc/pam.conf missmatch.
  So add ftpd entries into /etc/pam.conf.

Reported by: "Jose M. Alcaide" <jose@we.lc.ehu.es>
Approved by: jkh

Reviewed by: markm
2000-02-12 20:22:20 +00:00
Alexey Zelkin
3ef3fac74f Add items for pop3 and imap
PR:		conf/14714
Submitted by:	Ronald F. Guilmette <rfg@monkeys.com>
2000-01-10 14:08:30 +00:00
Mark Murray
fddd8ddc7f Add a whole bunch of example entries for pam. This should help get
folk over various hurdles.
2000-01-04 06:08:58 +00:00
Michael Haro
f662a816e4 make previous commit's format match rest of file 1999-12-21 08:39:26 +00:00
Michael Haro
e87f5a7464 add default service (other) entries
Reviewed by:	markm (in concept)
1999-12-21 08:36:10 +00:00
John Polstra
d08484e099 Add a sample "/etc/pam.conf" file that configures the authentication
methods used by login.  Changes to "/usr/bin/login" to use it will
be committed later today.  The format of the file is described in
pam(8).

This sample file makes login behave in the traditional way.  To
wit, it enables authentication via S/Key and passwd/NIS lookups.
KerberosIV authentication is present in the sample file but commented
out.

As a safety net and a transition aid, login will fall back on
built-in passwd/NIS authentication if this configuration file is
missing or if some other fatal PAM error occurs.

This file will eventually replace "/etc/auth.conf", but not until
I've finished converting the other utilities, such as passwd and su.
1998-11-20 23:20:01 +00:00