9front - general discussion about 9front
 help / color / mirror / Atom feed
* [9front] dp9ik plugins for pam and bsd auth.
@ 2021-09-05 16:02 Jacob Moody
  2021-09-07 22:03 ` ori
  0 siblings, 1 reply; 4+ messages in thread
From: Jacob Moody @ 2021-09-05 16:02 UTC (permalink / raw)
  To: 9front

Hello all,

I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
authentication defer to a 9front authentication server. The ssl library has been changed
to use openssl rather then gnutls as well. I personally have been using the pam module for a
couple months now and haven't had much issue with it. I figure this might be interesting
to those running a hybrid network.

Thanks,
moody

[0] http://shithub.us/moody/tlsclient/HEAD/info.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [9front] dp9ik plugins for pam and bsd auth.
  2021-09-05 16:02 [9front] dp9ik plugins for pam and bsd auth Jacob Moody
@ 2021-09-07 22:03 ` ori
  2021-09-08 15:17   ` hiro
  2021-09-08 17:49   ` unobe
  0 siblings, 2 replies; 4+ messages in thread
From: ori @ 2021-09-07 22:03 UTC (permalink / raw)
  To: 9front

Quoth Jacob Moody <moody@mail.posixcafe.org>:
> Hello all,
> 
> I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
> The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
> authentication defer to a 9front authentication server. The ssl library has been changed
> to use openssl rather then gnutls as well. I personally have been using the pam module for a
> couple months now and haven't had much issue with it. I figure this might be interesting
> to those running a hybrid network.
> 
> Thanks,
> moody
> 
> [0] http://shithub.us/moody/tlsclient/HEAD/info.html
> 

Thanks, this actually looks like something I should try out.

...So, who's going to do the factotum based chrome password
manager extension?


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [9front] dp9ik plugins for pam and bsd auth.
  2021-09-07 22:03 ` ori
@ 2021-09-08 15:17   ` hiro
  2021-09-08 17:49   ` unobe
  1 sibling, 0 replies; 4+ messages in thread
From: hiro @ 2021-09-08 15:17 UTC (permalink / raw)
  To: 9front

i don't really trust web browsers to hold a temporary and esp. not a
long-term key for any secure session...

you'd need quic/https support inside factotum and the browser needs to
proxy through that...

it's hopeless. but that was the joke i guess ;)

On 9/8/21, ori@eigenstate.org <ori@eigenstate.org> wrote:
> Quoth Jacob Moody <moody@mail.posixcafe.org>:
>> Hello all,
>>
>> I sent some mail previously regarding some work on a standalone tlsclient
>> ripped out of drawterm.
>> The repo[0] now contains a pam module and bsd auth executable for use in
>> making UNIX system
>> authentication defer to a 9front authentication server. The ssl library
>> has been changed
>> to use openssl rather then gnutls as well. I personally have been using
>> the pam module for a
>> couple months now and haven't had much issue with it. I figure this might
>> be interesting
>> to those running a hybrid network.
>>
>> Thanks,
>> moody
>>
>> [0] http://shithub.us/moody/tlsclient/HEAD/info.html
>>
>
> Thanks, this actually looks like something I should try out.
>
> ...So, who's going to do the factotum based chrome password
> manager extension?
>
>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [9front] dp9ik plugins for pam and bsd auth.
  2021-09-07 22:03 ` ori
  2021-09-08 15:17   ` hiro
@ 2021-09-08 17:49   ` unobe
  1 sibling, 0 replies; 4+ messages in thread
From: unobe @ 2021-09-08 17:49 UTC (permalink / raw)
  To: 9front

Quoth ori@eigenstate.org:
> Quoth Jacob Moody <moody@mail.posixcafe.org>:
> > Hello all,
> > 
> > I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
> > The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
> > authentication defer to a 9front authentication server. The ssl library has been changed
> > to use openssl rather then gnutls as well. I personally have been using the pam module for a
> > couple months now and haven't had much issue with it. I figure this might be interesting
> > to those running a hybrid network.
> > 
> > Thanks,
> > moody
> > 
> > [0] http://shithub.us/moody/tlsclient/HEAD/info.html
> > 

This is great! Thanks moody.
 
> Thanks, this actually looks like something I should try out.
> 
> ...So, who's going to do the factotum based chrome password
> manager extension?

An extension would be nice.  I began working on a factotum extension
but decided to just write a JS snippet that communicates via a
websocket to a Perl process that was a pass-through to (p9p's)
factotum.  IIRC, 'twas non-trivial to write an extension, so I took
the path of least resistance.  The JS snippet was rudimentary--I had
stored it as a bookmark so I could "fill in" whichever site I was
using.  I haven't used it for more than a year (tempus volat), but I
can post it somewhere if anyone is interested in looking at the JS and
Perl.  I never did get the 'confirm' functionality implemented within
the browser, but maybe that was a benefit since the browser didn't
have full control of the secstore and the confirmation had to occur
outside the browser.


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-09-08 17:59 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-05 16:02 [9front] dp9ik plugins for pam and bsd auth Jacob Moody
2021-09-07 22:03 ` ori
2021-09-08 15:17   ` hiro
2021-09-08 17:49   ` unobe

9front - general discussion about 9front

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.vuxu.org/9front

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 9front 9front/ https://inbox.vuxu.org/9front \
		9front@9front.org
	public-inbox-index 9front

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.9front


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git