On Fri, 14 May 2021 16:29:32 +0200 Marek Mosiewicz <marek.mosiew...@jotel.com.pl> wrote:
> Hello, > > I think of idea of having additional PAM module which passes login > after receiving and validating signed email (for some scenarios it > could even requires emails from many persons). Signing emails can be > done easliy in secure way and it could be also good for auditing. About 10-15 years ago, largely as a coding exercise / proof of concept, I wrote "mailmin", a Perl program that allows access to a remote system via signed / encrypted email. I am not a security expert or even a very skilled hobbyist, so it's strictly amateur-hour stuff, and undoubtedly horribly insecure, and in any event, it doesn't use the PAM framework, so I doubt it'll be of much use to you, but it was a somewhat similar idea ... https://sourceforge.net/projects/mailmin/ Celejar
