LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   PAM Pop3 Authentication (https://www.linuxquestions.org/questions/linux-security-4/pam-pop3-authentication-270378/)

vijaykcm 12-26-2004 12:35 AM

PAM Pop3 Authentication
 
Sorry if this is not the right place to ask this question.

We have a email server in some other machine. We now want our email account holders to be able to use our linux system using their pop3 username and password. We do not want to import the accounts in our linux(Fedora Core 1) system. Instead we want our linux machine to authenticate the user against their pop3 account. Is it possible to do so? How?

int0x80 12-26-2004 07:59 AM

Is there a particular reason you don't want to import the accounts onto the linux system? I could see several problems with authenticating against POP3 on a remote machine:

1. Too much overhead. You're going across one or more networks just to authenticate a user when the process could be done instantantly on the linux system.
2. Lack of availability. What if the POP3 system goes down or some other intermediary system is unavailable. Your users should still be able to login to the linux system regardless of the POP3 system status.
3. POP3 is plaintext. User names and passwords would be sent in the clear across the network(s). To work around this, you could use SSH tunnels, or send data with some other form of encryption, but that just increases the overhead.

So why not import the accounts?

vijaykcm 12-26-2004 11:57 PM

The only reason I don't want to import the accounts is that the users need not maintain two accounts in two different systems. Ours is a small school where the students are already given email accounts and even security and availability is not a major issue. We just want the Linux system to be available to them for learning simple Linux commands without a need to maintain a new username/password pair. I hope you understand the situation. Thank you for your help.

int0x80 12-27-2004 11:38 AM

Then why not use something like LDAP for authentication?


All times are GMT -5. The time now is 07:29 AM.