Question on passing username and password credentials through PLDM
Jayashankar Padath
padathjayashankar at gmail.com
Wed Jan 3 20:48:41 AEDT 2024
Hello Patrick,
Thanks for your suggestion. From the host side they wanted to attach a
graphics adapter so that some of the system management service operations
could be carried out.
As you suggested we would consider the way, other external interface
programs like bmcweb which support similar functionalities.
Thanks and Best Regards,
Jayashankar
On Tue, Jan 2, 2024 at 5:57 PM Patrick Williams <patrick at stwcx.xyz> wrote:
> On Tue, Jan 02, 2024 at 10:16:04AM +0530, Jayashankar Padath wrote:
> > We do have a requirement in which the Host needs to pass the username and
> > password credentials to the BMC PAM module for authentication OR during a
> > password change. These details are passed through the PLDM stack.
>
> This doesn't sound like a requirement, but an implementation decision.
>
> What is the requirement from the host side?
>
> > BMC specific requirements:
> >
> > ◦ The ability to prompt for a username/password and provide
> authentication
> > ◦ The ability to change a password when the current password is expired
> >
> > Seeing two design options here.
> >
> > 1. PLDM calls the PAM APIs directly
> > 2. Make use of BIOS Config manager (But this has only password change and
> > no direct authentication. Also this does not make use of PAM)
>
> My suggestion: Do whatever bmcweb does. PLDM is another external
> interface. If you want to use BMC-side authentication, follow what
> other external interface programs are doing.
>
> --
> Patrick Williams
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/openbmc/attachments/20240103/345653e8/attachment.htm>
More information about the openbmc
mailing list