Wings of Hermes


Wings of Hermes is a site devoted to computer security, particulary in the open source arena. It's primarily a collection point for things I'm interested in - hopefully it's useful to others as well.


9 June 2015

Released version 0.4 of my pldap library. It's a very simple lightweight PAM module for authenticating users against LDAP. Primarily for Linux.

02 May 2010

Will I find it quite hard to believe - 4 years since I last updated this site! Time for a bit of TLC I think. I've added a blog site that you can jump to from the left hand menu and over the next few weeks I might start looking at the links and rearranging things a bit.

23 April 2006

Version 0.2 of Pldap has been released. This officially moves the code to beta status, and includes a number of minor fixes including:

  • Support for Solaris, NetBSD and FreeBSD
  • Configure fixes to determine client LDAP libraries
  • Compile under Redhat FC5
  • Minor Bug Fixes

13 March 2006

I've just added a new section to the site for musings on Information Security. Over time I expect it to become a collection of the things I've found out the hard way.

The section has been started off with some thoughts on policy and the importance that it really holds in the big scheme of things. Comments welcome - just email me at berin AT wingsofhermes DOT org.

8 May 2005

I've been working on a replacement PAM LDAP module (called pldap) to allow me to implement some features I require when determining whether a user is permitted to access a particular system based on group membership in an LDAP compliant directory. This is the first alpha release of the code. All comments and feedback/thoughts welcome.

In its first release, the module has been implemented against OpenLDAP under Linux, and supports a number of basic authentication features, such as :

  • Authenticating users to a directory using a simple bind
  • Using a filter to search groups for permission to access a particular system
  • Format strings to allow users to configure how a userid appears in a DN
  • TLS

The long term plan is to try to put together a PAM module that has a concept of history, to reduce high overhead queries to the directory.

The code is licensed under the Apache License 2.0 license.