afs password

From: Susan Cordova (
Date: 03/07/02

From: Susan Cordova <>
Date: Thu, 07 Mar 2002 13:06:11 -0800


  I have compiled openssh_2.9 with AFS support. The problem is that
users are allowed to login to my systems using just their AFS password.
This is a problem because I do not manage AFS and therefore cannot
enforce strong password checks and password expirations. Is there a way
to change the behavior of this? Could I have it ask for the local
password and then the AFS password? If the AFS password is correct, then
provide an AFS token.

Is there a pam module?
I would appreciate any advice or push in the right direction.

By the way, my system is an ultra running Solaris 7

Thank you