6
Is it possible to have more than one password simultaneously attached to a login account in Linux?
I'd like to be able to add a temporarily-authorized user to an account on my web server, but don't want to have to change the login afterwards.
Is this possible?
Even cooler would be if this could be done with a timer of some kind so the temporary password would auto-die after, say, 24 hours.
warren
Posted 2010-06-14T19:59:25.057
Reputation: 8 599
5
PAM can do all sorts of awesome auth stuff. That list is probably a bit out of date, so have a look around.
Ignacio Vazquez-Abrams
Posted 2010-06-14T19:59:25.057
Reputation: 100 516
4
OPIE is probably something you would like for your needs. Also, remember that permissions are set based on the User ID, not the login name. So, you can share the same UID of someone else without sharing the same password, login name, home directory and login shell (as well as any other place that let you configure your system without the login shell). PAM as also a very flexible (but complex) system that you can configure to do a lot of weird stuff (like allowing login only from some place at some time, or dual-factor authentication).
Fabien Ninoles
Posted 2010-06-14T19:59:25.057
Reputation: 51
the duplicated uid is not a direction I'd considered yet - thanks :) – warren – 2012-06-20T14:07:25.927
It is not: PAM updates very rarely, and why authentication framework must be updated often? – whitequark – 2010-06-15T05:18:17.553
2The modules, not the framework... – Ignacio Vazquez-Abrams – 2010-06-15T05:28:31.960
I'm looking with a new issue from AskUbuntu (server) but the link is dead with a 404 :-( – Reinstate Monica - ζ-- – 2012-06-19T21:43:59.153
I suggest changing the link to http://web.archive.org/web/20110612173211/http://www.kernel.org/pub/linux/libs/pam/modules.html
– Reinstate Monica - ζ-- – 2012-06-19T21:49:48.740