* [9front] dp9ik plugins for pam and bsd auth.
@ 2021-09-05 16:02 Jacob Moody
2021-09-07 22:03 ` ori
0 siblings, 1 reply; 4+ messages in thread
From: Jacob Moody @ 2021-09-05 16:02 UTC (permalink / raw)
To: 9front
Hello all,
I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
authentication defer to a 9front authentication server. The ssl library has been changed
to use openssl rather then gnutls as well. I personally have been using the pam module for a
couple months now and haven't had much issue with it. I figure this might be interesting
to those running a hybrid network.
Thanks,
moody
[0] http://shithub.us/moody/tlsclient/HEAD/info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9front] dp9ik plugins for pam and bsd auth.
2021-09-05 16:02 [9front] dp9ik plugins for pam and bsd auth Jacob Moody
@ 2021-09-07 22:03 ` ori
2021-09-08 15:17 ` hiro
2021-09-08 17:49 ` unobe
0 siblings, 2 replies; 4+ messages in thread
From: ori @ 2021-09-07 22:03 UTC (permalink / raw)
To: 9front
Quoth Jacob Moody <moody@mail.posixcafe.org>:
> Hello all,
>
> I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
> The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
> authentication defer to a 9front authentication server. The ssl library has been changed
> to use openssl rather then gnutls as well. I personally have been using the pam module for a
> couple months now and haven't had much issue with it. I figure this might be interesting
> to those running a hybrid network.
>
> Thanks,
> moody
>
> [0] http://shithub.us/moody/tlsclient/HEAD/info.html
>
Thanks, this actually looks like something I should try out.
...So, who's going to do the factotum based chrome password
manager extension?
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9front] dp9ik plugins for pam and bsd auth.
2021-09-07 22:03 ` ori
@ 2021-09-08 15:17 ` hiro
2021-09-08 17:49 ` unobe
1 sibling, 0 replies; 4+ messages in thread
From: hiro @ 2021-09-08 15:17 UTC (permalink / raw)
To: 9front
i don't really trust web browsers to hold a temporary and esp. not a
long-term key for any secure session...
you'd need quic/https support inside factotum and the browser needs to
proxy through that...
it's hopeless. but that was the joke i guess ;)
On 9/8/21, ori@eigenstate.org <ori@eigenstate.org> wrote:
> Quoth Jacob Moody <moody@mail.posixcafe.org>:
>> Hello all,
>>
>> I sent some mail previously regarding some work on a standalone tlsclient
>> ripped out of drawterm.
>> The repo[0] now contains a pam module and bsd auth executable for use in
>> making UNIX system
>> authentication defer to a 9front authentication server. The ssl library
>> has been changed
>> to use openssl rather then gnutls as well. I personally have been using
>> the pam module for a
>> couple months now and haven't had much issue with it. I figure this might
>> be interesting
>> to those running a hybrid network.
>>
>> Thanks,
>> moody
>>
>> [0] http://shithub.us/moody/tlsclient/HEAD/info.html
>>
>
> Thanks, this actually looks like something I should try out.
>
> ...So, who's going to do the factotum based chrome password
> manager extension?
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9front] dp9ik plugins for pam and bsd auth.
2021-09-07 22:03 ` ori
2021-09-08 15:17 ` hiro
@ 2021-09-08 17:49 ` unobe
1 sibling, 0 replies; 4+ messages in thread
From: unobe @ 2021-09-08 17:49 UTC (permalink / raw)
To: 9front
Quoth ori@eigenstate.org:
> Quoth Jacob Moody <moody@mail.posixcafe.org>:
> > Hello all,
> >
> > I sent some mail previously regarding some work on a standalone tlsclient ripped out of drawterm.
> > The repo[0] now contains a pam module and bsd auth executable for use in making UNIX system
> > authentication defer to a 9front authentication server. The ssl library has been changed
> > to use openssl rather then gnutls as well. I personally have been using the pam module for a
> > couple months now and haven't had much issue with it. I figure this might be interesting
> > to those running a hybrid network.
> >
> > Thanks,
> > moody
> >
> > [0] http://shithub.us/moody/tlsclient/HEAD/info.html
> >
This is great! Thanks moody.
> Thanks, this actually looks like something I should try out.
>
> ...So, who's going to do the factotum based chrome password
> manager extension?
An extension would be nice. I began working on a factotum extension
but decided to just write a JS snippet that communicates via a
websocket to a Perl process that was a pass-through to (p9p's)
factotum. IIRC, 'twas non-trivial to write an extension, so I took
the path of least resistance. The JS snippet was rudimentary--I had
stored it as a bookmark so I could "fill in" whichever site I was
using. I haven't used it for more than a year (tempus volat), but I
can post it somewhere if anyone is interested in looking at the JS and
Perl. I never did get the 'confirm' functionality implemented within
the browser, but maybe that was a benefit since the browser didn't
have full control of the secstore and the confirmation had to occur
outside the browser.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-09-08 17:59 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-05 16:02 [9front] dp9ik plugins for pam and bsd auth Jacob Moody
2021-09-07 22:03 ` ori
2021-09-08 15:17 ` hiro
2021-09-08 17:49 ` unobe
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).