On 24 Jun 1999, Bill Gribble wrote:

> I'm setting up shared home directories using Coda and I'm wondering
> what the best way to automatically give users Coda auth tokens on
> login is.  I'm on a glibc-2.1 Debian Linux system using PAM.
> 
> For the moment, I'm just telling my 5-10 users that they have to put
> their Coda password in clear text in a mode 600 file called
> ~/.coda_password, and then add the line 'cat .coda_password | clog' to
> their X startup and login-rc files.  But I HATE the idea of passwords
> stored in clear text anywhere, even though I know that access to
> ~/.coda_password requires access to the user's files, which is all
> Coda authentication will get you.
> 
> Is there an easy way to make this better?  I'm sure there are standard
> ways to solve this problem, perhaps using Kerberos?

Yes, this would be what you want. I've been playing with kerberos and Coda
for awhile now, and I PAM modules for kerberos that work decently well. I
currently have a cluster where 'kclog' is run in bashrc on login.

What remains to be done is for someone to write a 'kclog' PAM module which
would even remove the need for running kclog at all.


> 
> Thanks for any advice,
> Bill Gribble
> 
> 
> 

--------------------------------------------------------------------------
| Troy Benjegerdes    |       troy_at_microux.com     |    hozer_at_drgw.net   |
|    Unix is user friendly... You just have to be friendly to it first.  |
| This message composed with 100% free software.    http://www.gnu.org   |
--------------------------------------------------------------------------