On Wed, 14 Jun 2000, Peter Seebach wrote:

> I don't recall seeing it.  Anyway, BSD/OS ships with
> 
> login_activ       login_kerberos    login_radius      login_skey
> login_auth        login_krb-or-pwd  login_rchpass     login_snk
> login_chpass      login_lchpass     login_reject      login_token
> login_crypto      login_passwd      login_rpasswd     

Impressive list!

Straw poll: would people prefer a compatible system, ie a clone of the
BSD/OS mechanism, or a radical new spangling system of my design?

My radical system would probably be usable for SASL-type stuff, eg IMAP
CHAP and so on - a very generic API for authentication protocols, which
can be used by "prompting a human being" front ends or more abstract
client->server protocols.

I'm something of a fan of making an authentication API that most things
can back onto in a flexible enough manner to avoid having to have so many
different authentication databases lying around - Samba has to use a
different one, for example, to be compatible with SMB...

ABW

-- 

    http://RF.Cx/
  http://www.alaric-williams.com/
    http://www.warhead.org.uk/
      alaric@alaric-williams.com

           ph3@r mI sk1llz l3st I 0wn j00