Subject: Re: Authenticating with LDAP
To: NetBSD User's Discussion List <netbsd-users@NetBSD.ORG>
From: Greg A. Woods <woods@weird.com>
List: netbsd-users
Date: 01/15/2003 13:31:28
[ On Wednesday, January 15, 2003 at 13:03:25 (-0500), Chuck Yerkes wrote: ]
> Subject: Re: Authenticating with LDAP
>
> Me?  I want to slide a smart card into my (Solaris|BSD|Linux|
> or Windows box) get a popup for a passphrase and log in everywhere.
> PAM looks to be the best bet for the Unix side in that it (even with
> slight variations) run on all these platforms.

PAM has nothing whatsoever to do with making that possible on *BSD (or
even *Linux for that matter), and even if you do have the Solaris PAM
modules they won't help much with any other OS -- as has been stated
here before, PAM stuff is _not_ all that portable, not even at the
source level.  The point is that if you have the source for the Solaris
PAM module(s) then it's probably just as easy, or maybe even easier, to
directly integrate whatever hooks you need into something like nsswitch
than it would be to port the PAM code, and obviously any vendor of such
source could make it a trivial job if they wished.

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>