GitHub - openwall/pam_userpass: Use PAM binary prompts to ask the application for username and password

openwall / pam_userpass Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

Use PAM binary prompts to ask the application for username and password

www.openwall.com/pam/

View license

1 star 0 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 28 Commits
conf		conf
include/security		include/security
LICENSE		LICENSE
Makefile		Makefile
README		README
appl_userpass.c		appl_userpass.c
example_userpass.c		example_userpass.c
libpam_userpass.map		libpam_userpass.map
pam_userpass.c		pam_userpass.c
pam_userpass.map		pam_userpass.map
pam_userpass.spec		pam_userpass.spec

Repository files navigation

PAM has traditionally assumed that services doing authentication have
the ability to interact with the user.  Unfortunately, this isn't true
for services that implement non-interactive and/or fixed protocols,
such as FTP and POP3.  This is typically worked around by making the
flawed assumption that PAM_PROMPT_ECHO_ON requests the username and
PAM_PROMPT_ECHO_OFF requests the password.

With pam_userpass, this assumption is no longer required.

pam_userpass uses PAM binary prompts (only available in Linux-PAM) to
ask the application for the username and password specifically.

pam_userpass doesn't perform any actual authentication.  An actual
authentication module should be stacked after pam_userpass and told to
use the authentication token (password) provided by pam_userpass.

-- 
Solar Designer <solar at openwall.com>