Subject: Re: Regarding the use of pam_ssh
To: John Nemeth <jnemeth@victoria.tc.ca>
From: Jason Thorpe <thorpej@shagadelic.org>
List: tech-security
Date: 02/27/2005 11:54:31
On Feb 27, 2005, at 11:05 AM, John Nemeth wrote:
> Based on this, pppd should be fine, since it would primarily be
> used for modems that are directly attached to the system (modems
> attached to terminal servers would usually use RADIUS). How about
> racoon? I don't know if the passwords it sends are sent over an
> encrypted channel. Since login would be used primarily by getty running
> on the console or direct attached serial terminals/modems how about
> it?
racoon should probably be fine -- check with manu. pppd should also be
fine.
login -- yah, I guess that's true, although it's also possible to run
login(1) manually after one has telnet'd into a system.
I will go through and add commented-out pam_ssh to several service
configs and document why it's commented out.
-- thorpej