Why doesn't pam_set_data() work with ssh?

fender frozenspot at gmail.com
Tue Jan 16 12:55:08 UTC 2007


> > This module uses pam_set_data() function to save status information for
> > next login attempts. With login application it works fine, but with
> > ssh application it doesn't work.
>
> "ssh" means OpenSSH, right? Afaik, OpenSSH runs PAM authentication in a
> standalone process forked off the master process (monitor). The process is
> started before every authentication attempt and exits after it. Any
> changes made to PAM data during the first attempt are lost before the
> next attempt.
>
> You can use some external (out-of-process) storage to store tokens. Or you
> can modify your module to be able to send and receive token during a
> single authentication attempt (using keyboard-interactive authentication
> method). Or you can hack OpenSSH to preserve PAM state between attempts
> (doable but quite tricky imho).
>

Thanks Pavel. I'm thinking about sqlite to save module status
information, when a user attempts to log in through ssh. Do you have any
other idea to save that data?

Regards,

-- 
Federico
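
An added example, not part of the original thread and not the module's code: it reproduces the behaviour described above, where each authentication attempt runs in a forked process that exits afterwards, and contrasts in-process state with a counter kept in a locked file. The names `bump_attempts`, `attempt_in_child` and the temporary path are assumptions; a real module would call such a routine from its authentication hook and keep a per-user file in a root-only directory.

```c
/* Constructed demo: in-process state vs. a file-backed counter across forks. */
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/file.h>
#include <sys/wait.h>
#include <unistd.h>

static int in_process_count;  /* stands in for state saved with pam_set_data() */

/* Increment the counter in `path` under an exclusive lock; return it, or -1. */
int bump_attempts(const char *path)
{
    char buf[32] = {0};
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0) return -1;
    if (flock(fd, LOCK_EX) != 0) { close(fd); return -1; }
    long count = read(fd, buf, sizeof buf - 1) > 0 ? strtol(buf, NULL, 10) : 0;
    count = (count < 0 || count > 1000000) ? 1 : count + 1;  /* corrupt -> restart */
    int len = snprintf(buf, sizeof buf, "%ld\n", count);
    int ok = ftruncate(fd, 0) == 0 && pwrite(fd, buf, (size_t)len, 0) == len;
    close(fd);                                    /* also drops the lock */
    return ok ? (int)count : -1;
}

/* One authentication attempt in a short-lived child, as described for sshd. */
int attempt_in_child(const char *path)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        in_process_count++;                       /* lost when the child exits */
        _exit(bump_attempts(path) > 0 ? 0 : 1);
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void)
{
    char path[] = "/tmp/pam-state-demo-XXXXXX";   /* constructed path for the demo */
    int fd = mkstemp(path);
    if (fd < 0) return 1;
    close(fd);
    attempt_in_child(path); attempt_in_child(path);
    printf("in-process: %d, file: %d\n", in_process_count, bump_attempts(path));
    unlink(path);
    return 0;
}
```

The lock matters because several sshd children can authenticate the same user at once; without it, concurrent attempts could overwrite each other's count.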



