[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Openvpn plugin for passwd authentication

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: Openvpn plugin for passwd authentication
From: Joachim Schipper <j_(_dot_)_schipper_(_at_)_math_(_dot_)_uu_(_dot_)_nl>
Date: Thu, 13 Apr 2006 09:26:41 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

On Wed, Apr 12, 2006 at 10:58:49PM -0300, Giancarlo Razzolini wrote:
> Lars Hansson wrote:
> > On Wednesday 12 April 2006 23:21, Giancarlo Razzolini wrote:
> >> 	I wrote a plugin for Openvpn that does authentication using the passwd
> >> or the shadow files
> >
> > What would be even cooler is a bsd-auth plugin.
> >

> My plugin uses the getpwnam(3) function if you do not set the Makefile
> directive USE_SHADOW. <...> If the program runs with the uid 0 (which
> is the case here), it will successfully authenticate the user. So it
> does authentication in BSD systems cause, AFAIK, this behavior of the
> getpwnam(3) is present on all BSD derivative systems,

Lars is referring to auth_verify(3) and the like, which implements full
authentication. It's a far more robust solution, not in the least
because it ties in with all the other supported authentication options.

		Joachim

Follow-Ups:
- Re: Openvpn plugin for passwd authentication
  - From: Giancarlo Razzolini

References:
- Openvpn plugin for passwd authentication
  - From: Giancarlo Razzolini
- Re: Openvpn plugin for passwd authentication
  - From: Lars Hansson
- Re: Openvpn plugin for passwd authentication
  - From: Giancarlo Razzolini

Prev by Date: Sparc64 Crash- Sensors/admtemp
Next by Date: DHCP on aue0 fails during install (informational)
Previous by thread: Re: Openvpn plugin for passwd authentication
Next by thread: Re: Openvpn plugin for passwd authentication
Index(es):
- Date
- Thread

Visit your host, monkey.org