![[LWN Logo]](/images/lwn.banner.gif)
From: Dave Airlie <airlied@linux.ie>
Subject: NT/smbpasswd authentication for PAM pam_smb v1.1 (SECURITY BUGFIX)
Date: Tue, 27 Oct 1998 09:12:16 GMT
=====BEGIN PGP SIGNED MESSAGE=====
Hi,
The latest version of pam_smb has been released and all users
should get this latest version, there was a bug identified by many users
of v1.0 that users could sometimes log in without any password if the
config was slightly wrong,
This was due to a bug on the server side with servers having been setup
for share level rather than user level security .. this latest version
stops pam_smb talking to any share level security servers (or at least I
hope it does... )
For anyone wondering about caching and username mapping the code is
written, and I just to have to clean around it and upload it.. it will be
alpha when it arrives so keep an eye on this list for the announce...
** What pam_smb does!
This module allows Linux users to be authenticated from an NT or Samba
server. If the samba server supports encrypted (smbpasswd) passwds this
module can be used to authenticate users using the smbpasswd file.
We are using it here so users can logon to Linux/NT/Solaris boxes without
us having to keep two sets of passwords. Users still require password
entries on the Linux boxes but *'ed passwords should work or if a password
entry exists it will try to use this first and then the remote server is
this fails.
Current version is at:
http://www.csn.ul.ie/~airlied/pam_smb/pam_smb-1.1.tar.gz
or
ftp://ftp.csn.ul.ie/pub/linux/pam/pam_smb/pam_smb-1.1.tar.gz
or from the samba cvs tree pam_smb or from a samba mirror site (hopefully
soon).....
E-mail me with any comments or problems, I can't promise they'll get fixed
but at least I'll know about em :-)
Dave.
------------ David Airlie, David.Airlie@ul.ie,airlied@skynet --------
Telecommunications Research Centre, ECE Dept, University of Limerick \
http://www.linux.ie/~airlied -- Telecommunications Researcher \
--- TEL: +353-86-8209111 -----------------------------------------------
--
This article has been digitally signed by the moderator, using PGP.
http://www.iki.fi/mjr/cola-public-key.asc has PGP key for validating signature.
Send submissions for comp.os.linux.announce to: linux-announce@news.ornl.gov
PLEASE remember a short description of the software and the LOCATION.
This group is archived at http://www.iki.fi/mjr/linux/cola.html
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: latin1
iQCVAgUBNjWOd1rUI/eHXJZ5AQE54AQAkIfwpwtkJ4ZOB6pF4ZyJwZGP1yfh+dj5
qA+zGuCIux/ahSTHz+H7+v04V/9fFixUHuIw8pRP3+DROk7TZkqneVn3ZN9TgAa7
ROSqPb/j6WtESO7HkgoNw0eeR9OSKJEmhU65G9NPtbNsbx3zPchhLeIEDwa+GPJ+
V+86G4+ERdU=
=nCca
=====END PGP SIGNATURE=====