In message <Pine.SOL.3.96.990318152642.10642A-100000@uxa.liv.ac.uk>, Roger Broo
ks writes:
>If you want some other kind of authentication (Kerberos, smartcard,
>fingerprint scanner, urine analysis or whatever) an non-PAM system
>requires that you hack everything which usually prompts for a password
>(login, su, ftpd, xdm etc).

Note:  This isn't quite fair.  BSD Authentication solves this problem too.
I mean, you still have to hack everything *once*, to change the prompting
mechanism - but once you've done it once, you can add authentication schemes
until the cows come home.

-s