[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using SecurID for authentication

Alan Miller wrote:

If you want the OS to retrieve user info from a directory but
authenticate passwords from a SecureID server, couldn't you just
use the PAM modules already provided by RSA?

I'd just second that. OpenLDAP can use SASL, and you can configure SASL locally (e.g., saslauthd) to pass credentials through to PAM. At that point you can just configure PAM to use RSA.

It'll be very clean.

Too bad RedHat (where the SASL and PAM configs will be trivial, if
that's what you're doing) seems to like to ship outdated versions
of OpenSSL.


Richard Goerwitz                               richard@Goerwitz.COM
tel: 507 645 7015