[Klug-general] help with pam

Mike Evans mike at tandem.f9.co.uk
Wed Sep 30 15:10:39 UTC 2009

> Now for a method to keep them all in sync.... Which I'm not thinking
> is possible.
I seem to remember that the way both systems work is that you only need 
to know how to encrypt the password.  There is no decryption mechanism - 
the system simply encrypts what the user types and compares it with the 
stored value.

Therefore what you would have to do is replace the program used to set 
the password with one which sets the password for both stores, using the 
encryption method of each system to encrypt it and store it.  If course 
you might find that hard as the users may choose to use some GUI which 
does something you can't get to unless you get the source and fiddle. 
Really it ought to be possible to do it through pam again using the 
password bits rather then the auth bits.  Can't say I've done it though.


More information about the Kent mailing list