Thats why I said its for the future :-)
I always use crypt if it's going outside the server, so some form of
encrypted transport is required. Anyhow, the main reason I mentioned
PAM, is that not every platform would have a password file (NT for
example, although you can configure one in cygwin).
Peter
--
Peter Mount
Enterprise Support
Maidstone Borough Council
Any views stated are my own, and not those of Maidstone Borough Council.
-----Original Message-----
From: Hannu Krosing [mailto:hannu@tm.ee]
Sent: Wednesday, April 12, 2000 10:47 AM
To: Peter Mount
Cc: 'Henk van Lingen'; pgsql-interfaces@postgresql.org
Subject: Re: [INTERFACES] ODBC and crypted passwords
Peter Mount wrote:
>
> One thing that may be useful, is not to check against the unix
password
> file, but to use PAM. That way, you could even authenticate against
the
> dreadded NT accounts, unix password file, dbm file etc...
>
> Anyhow, this is something to think about for the future ;-)
IMHO this defeats the purpose of crypt - not to send plaintext passwords
over the net.
OTOH, it could be done over a secure (SSL/TLS) channel of course.
-----------
Hannu
