[patch] Builtin Mysql authentication

André Luís Quintaes Guimarães andreq at infolink.com.br
Fri Jun 6 00:36:23 EST 2003


    Hi,
          I would like to propose a patch that authenticates users in a
mysql database without the use of nss-mysql or pam-mysql.

        I have a working patch, such that in case of a failure in getpwnam()
it searchs for the user in a mysql database and fills his pw password
struct. Although my actual patch uses pam-mysql to authenticate, I think it
would be better if all authentication is builtin openssh, eliminating
entirely the use of pam or nss (which I dont trust).

    Such patch could be extended to other databases or ldap, depending on
the users choice at compile time. Parameters would be read from sshd_config.
It could even have some flag that tells to chroot the user to a specific
jail.

    Please, tell me what your opinions are and the possibility to accept
this patch. IMHO it would be a nice addition with few code lines, useful
especially for access or hosting providers (like myself) that must supply
its clients a form of managing his account without having to maintain
thousands of entries in files.

    Thanks for your time, warm regards




More information about the openssh-unix-dev mailing list