carton at Ivy.NET
Wed Mar 13 12:34:59 PST 2002
>>>>> "rm" == Rick Moen <rick at linuxmafia.com> writes:
rm> letting the binary-only crowd switch hashing algorithms
rm> without having to strain their brains over compilers.

In NetBSD, we use passwd.conf(5), the ``password encryption
configuration file,'' to do this.

I looked in /usr/src/usr.bin/login.c for some PAM-ish reference to
this file or to its corresponding get...ent(..) function. There isn't
one. I was astounded to find login.c simply calling crypt(..), as if
large-salt and MD5 passwords didn't exist. At first I thought NetBSD
had begun the tradition of ``vapour feechers'' popularized by HylaFAX.

Nope. The only program that uses passwd.conf is passwd(1). It turns
out the password hash type is encoded into the password itself in a
backward-compatible format, and crypt(3) automatically performs the
appropriate hash when called in the standard way.

So, as long as you fix third-party programs that make bogus
assumptions about the expected length of a hashed password, there is
no need to modify anything. not libc. not netatalk. no O(n^2)
nonsense. no-thing. Of course this doesn't help you with S/Key, but
NEITHER DOES PAM!

This is one of the reasons I run NetBSD on i386 boxes. I'm afraid if
I try FreeBSD, I will start thinking in this bogus way. ``If we just
modularize the password subsystem, we can add S/Key to netatalk. Unix
makes the mistake of insufficient modularity. Now that we have
EXTREME PROGRAMMING WITH C++, we know better. slather me up with
shared libraries! The only way one program interfaces with another is
through Method Invocation!''

``Now that you've completed your modular rototilling, does S/Key work

``EXTREME PROGRAMMING WITH C++! APPLICATION PROGRAMMING INTERFACE!
SHARED LIBRARY SLATHER!''

These people program the way Victorians dress. It takes two hours and
three assistants to put on your clothes, and you have to change before
dinner. But everything is modular.

Peace had become the miserable condition of survival, the extreme
urgency of escaping death. Peace was marked simply by the fatigue of
the struggle and the usury of the passions.
-- Hardt and Negri
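
An added example, not part of the message above and not NetBSD code: a sketch in C of how a stored hash string identifies its own scheme, next to the fixed-length check the message calls a bogus assumption. The function names are hypothetical, the sample strings in main() are constructed (not real hashes), and the underscore-prefixed extended DES layout is assumed to be what the message means by "large-salt".

```c
#include <stdio.h>
#include <string.h>

enum scheme { SCHEME_UNKNOWN, SCHEME_DES, SCHEME_EXT_DES, SCHEME_MD5 };

/* True if the first n bytes of s are all in crypt's [./0-9A-Za-z] alphabet. */
static int in_alphabet(const char *s, size_t n)
{
    static const char set[] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    for (size_t i = 0; i < n; i++)
        if (s[i] == '\0' || strchr(set, s[i]) == NULL)
            return 0;
    return 1;
}

/* Pick the scheme from the stored string alone, the way a prefix-dispatching
 * crypt(3) does when handed the old hash as its "salt" argument. */
enum scheme classify_hash(const char *h)
{
    size_t len = strlen(h);

    if (strncmp(h, "$1$", 3) == 0) {            /* $1$<salt up to 8>$<22 chars> */
        const char *salt = h + 3, *sep = strchr(salt, '$');
        if (sep == NULL || sep - salt > 8 || !in_alphabet(salt, (size_t)(sep - salt)))
            return SCHEME_UNKNOWN;
        return (strlen(sep + 1) == 22 && in_alphabet(sep + 1, 22))
                   ? SCHEME_MD5 : SCHEME_UNKNOWN;
    }
    if (h[0] == '_')                            /* _<4 count><4 salt><11 hash> */
        return (len == 20 && in_alphabet(h + 1, 19)) ? SCHEME_EXT_DES : SCHEME_UNKNOWN;
    if (len == 13 && in_alphabet(h, 13))        /* <2 salt><11 hash> */
        return SCHEME_DES;
    return SCHEME_UNKNOWN;                      /* e.g. "*" for a locked account */
}

/* The assumption to remove from third-party code: only 13-character hashes exist. */
int legacy_length_check(const char *h) { return strlen(h) == 13; }

int main(void)
{
    /* Constructed strings with the right shape only; none is a real hash. */
    const char *samples[] = { "ab0123456789A", "_J9..SALT0123456789A",
                              "$1$saltsalt$0123456789ABCDEFGHIJKL", "*" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-36s scheme=%d legacy_ok=%d\n", samples[i],
               classify_hash(samples[i]), legacy_length_check(samples[i]));
    return 0;
}
```
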