AW: Pam configuration files

Gary Algier gaa at ulticom.com
Thu Apr 8 20:42:35 UTC 2004


Debian-User wrote:
> Hi guys,
> 
> concerning the "Pam configuration files" issue, I would like to ask if
> there is a way to tell ssh (via different config-files) to use different
> authentication methods (ie to use a special pam_service-name)

Sascha:

The pam service used by sshd is derived from argv[0] as passed to the
sshd startup command.

You should be able to do this:

     cd /usr/sbin
     ln sshd gatewaysshd
     cd /etc/sshd
     cp sshd_config gatewaysshd_config
Then edit the first to only listen to an address only accessible from
the inside and edit the second to listen to an address accessible from
the outside (you need two IP addresses, by the way).  The second
should be more restrictive.

     Then make a copy of the rc script and doctor it to
     invoke the new sshd as:
         /usr/sbin/gatewaysshd -f /etc/ssh/gatewaysshd_config
[...]

-- 
Gary Algier, WB2FWZ          gaa at ulticom.com             +1 856 787 2758
Ulticom Inc., 1020 Briggs Rd, Mt. Laurel, NJ 08054      Fax:+1 856 866 2033

Nielsen's First Law of Computer Manuals:
     People don't read documentation voluntarily.





More information about the Pam-list mailing list