-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 lo,
On Tuesday 17 January 2006 14:32, Paweł Madej wrote: > At this moment I use standard autentication. No such thing. You mean you are using the authentication that Gentoo uses with a default style installation. > I already don't have any > plan of changing passwords, Then why are you worried about strong passwords? > but want implement some good solution. > Already user can manage its passwords via passwd command. Is PAM secure > thing? Because I heard very different opinions about it, once that it is > great, once that it could make big security hole. PAM is by far the best authentication mechanism around for unix imo. If you don't use something like PAM, then when you want to integrate say openldap, you'd have to manually hack every part of the login procedure to do ldap support, likewise for securID etc etc. With pam you get a mechanism that all authentication processes can hook into, ie an universal interface. PAM is like most things, you can take the time to make it as secure as you need it to be, I don't believe that it has any major problems at this point in time. - -- - -- Benjamin Smee (strerror) crypto/forensics/netmail/netmon -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.20 (GNU/Linux) iD8DBQFDzSStAEpm7USL54wRAkWCAJ9VzT5cSfa1U4XOIPhpxrHW6RdpDQCeOpQA yUeWVsDLie/bU+MkgF3MuS8= =vftg -----END PGP SIGNATURE----- -- [email protected] mailing list
