On Wed, Aug 16, Kurt Seifried wrote:
We have support for it since a long time. Read /usr/doc/packages/pam/README.md5 on SuSE Linux 6.4 or /usr/share/doc/packages/pam/README.md5 on SuSE Linux 7.0. Or look in your handbook.
md5 is problematic, because a lot of Unix and services/protocols don't understand it. Only look at distributions which have md5 as default, how long take it until programs like yppasswd/rpc.yppasswdd for example where fixed and doesn't crash with a buffer overun ? (I know when I have fixed it ;)
PAM. THis is why we have PAM. A program ralks to PAM, PAM does the grunt work. It could be a crypt based password scheme, MD5 or a smart card, the applicaiton doesn't know or care.
No, you don't understand the problem and it seems you have not understand what PAM is for and what not. PAM must use the defined protocol to get the password or to change it. If the protocol does not allow md5, PAM cannot ignore this and use md5. PAM can only use what is allowed. If the server on the other side is buggy and don't work with md5, PAM cannot fix this. PAM is for making applications simpler and configuration easier, not for replacing existing authentication schemes or protocols. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.