aboutsummaryrefslogtreecommitdiff
path: root/README
diff options
context:
space:
mode:
authorCharl Botha <cpbotha@cpbotha.net>2001-07-14 20:50:21 +0000
committerCharl Botha <cpbotha@cpbotha.net>2001-07-14 20:50:21 +0000
commit07e2aca8d4c90616fabc99f5abff71b423fad6b7 (patch)
tree2b4d94068fd98ca36b1963ea52064d67da8f55f9 /README
parent632939171280f34924cbae6fe9f286bdc8b508eb (diff)
downloadlibpam-pwdfile-0.95.tar.gz
Integrated patch for 2 second delay at incorrect password.v0.95
Fixed minor build warnings (added _BSD_SOURCE define).
Diffstat (limited to 'README')
-rw-r--r--README11
1 files changed, 8 insertions, 3 deletions
diff --git a/README b/README
index 7a366dd..0bce847 100644
--- a/README
+++ b/README
@@ -1,8 +1,8 @@
README for pam_pwdfile PAM module - Charl P. Botha <cpbotha@ieee.org>
-$Id: README,v 1.7 2001-06-15 21:24:30 cpbotha Exp $
+$Id: README,v 1.8 2001-07-14 20:50:21 cpbotha Exp $
---------------------------------------------------------------------------
-This is version 0.9 of pam_pwdfile.
+This is version 0.95 of pam_pwdfile.
This pam module can be used for the authentication service only, in cases
where one wants to use a different set of passwords than those in the main
@@ -18,7 +18,7 @@ account required /lib/security/pam_pwdb.so
At the moment the only parameters that pam_pwdfile.so parses for is
"pwdfile", followed by the name of the ASCII password database, as in the
above example. Also, thanks to Jacob Schroeder <jacob@quantec.de>,
-pam_pwdfile now supports password file locking. Adding an "flock" parameter
+pam_pwdfile now supports password file locking. Adding a "flock" parameter
activates this feature: pam_pwdfile uses and honours flock() file locking on
the specified password file. Specifying "noflock" or no flock-type
parameter at all deactivates this feature.
@@ -26,6 +26,11 @@ parameter at all deactivates this feature.
Example:
auth required /lib/security/pam_pwdfile.so pwdfile /etc/blah.passwd flock
+Like other PAM modules, pam_pwdfile causes a 2 second delay when an
+incorrect password is supplied. This is too discourage brute force testing;
+however, this behaviour can be disabled with a "nodelay" parameter. Thanks
+to Ethan Benson for this patch.
+
The ASCII password file is simply a list of lines, each looking like this:
username:crypted_passwd[13] in the case of vanilla crypted passwords and
username:crypted_passwd[34] in the case of MD5 crypted passwords. The