Port to SCO Openserver with PAM enabled

Martin P. Degrati mdegrati at fceia.unr.edu.ar
Tue Oct 29 01:27:36 EST 2002


Hi all, I'm writing to you becuase I have compiled PAM in SCO (now Caldera)
Openserver 5.0.x, and when I tried to use SSH with PAM enabled, y realized
that OpenSSH depends on the user to exist en the /etc/passwd, and
/etc/shadow databases, or equivalent ones (it uses getpw...() functions to
determine validity of the user).

In Linux, the simlpe solution is to use nsswitch, but it seems to hard (and
not strictly necesary) to make a port of it for Openserver too.

I'm administering security in a network with more than 20 server, and I'm
triyng to implement LDAP as a directory service (I do not want to use NIS)
to simplify mi task. That's why I reach this point.
It doen't matter for me if I have to use UIDs instead of UserNames to
idetify users, so that's why I think that is not necessay to make a port of
nsswitch.

I would like to know your opinions about this situation, and if you consider
that is strictly necessary to have nsswitch capabilities to make it work
corecctly.

I was first tempted to adapt SSH code o handle mi situation, but I don't
want to be tied to a particular SSH version, so I prefer to consult your
opinion first.

I hope for your answer,

Thanks in advance,
Martin.-

--------------------------------------------------------
Lic. Martin P. Degrati
Universidad Nacional de Rosario
Rosario, Santa Fe, Argentina
mdegrati at fceia.unr.edu.ar
--------------------------------------------------------




More information about the openssh-unix-dev mailing list