askpass replacement which uses pam module to get password?
Ford Prefect
weed at thebucket.org
Thu Nov 14 09:12:59 EST 2002
greetings all,
i'm not a member of this list, but i'm wondering if anyone has ever tried
this before.
i'm deploying some linux clients which authenticate against a yp server.
at login time, if the user has never logged into the machine before, a
script automatically creates their home directory. next, a pam module
named pam_authtoken opens a unix socket which makes the plaintext password
available to a script which then runs rsync -e ssh to sync their new home
directory with the one on the server. at logout time, the process is
reversed. the end result is intended to be similar to the "roaming
profiles" system of a certain other operating system.
unfortunately, i can't find a way to pipe the password into ssh that
doesn't expose it one way or another.
has anyone done any work on a way to get ssh (not sshd) to get it's
password from a pam module (or heck, even from an environment variable)?
i saw the work done on the fd patch and i guess that's a possibility, but
i was hoping for something cleaner.
like i said, i'm not subscribed to this list, so please cc me on any
responses.
thanks for your time,
chris
More information about the openssh-unix-dev
mailing list