[Bug 165919] Review Request: pam_ssh Pluggable Authentication Module for ssh
bugzilla at redhat.com
bugzilla at redhat.com
Mon Aug 15 19:11:01 UTC 2005
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Review Request: pam_ssh Pluggable Authentication Module for ssh
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=165919
------- Additional Comments From dmitry at butskoy.name 2005-08-15 15:10 EST -------
By the way, our examples (using pam_ssh together with new pam_console ability
to authenticate login user):
/etc/pam.d/login:
#%PAM-1.0
auth required pam_securetty.so
auth sufficient pam_console.so
auth required pam_stack.so service=system-auth
auth optional pam_ssh.so try_first_pass
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session required pam_stack.so service=system-auth
session optional pam_console.so
session optional pam_ssh.so
# pam_selinux.so open should be the last session rule
session required pam_selinux.so multiple open
/etc/pam.d/gdm:
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_console.so
auth required pam_stack.so service=system-auth
auth optional pam_ssh.so try_first_pass
auth required pam_nologin.so
account required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
session optional pam_console.so
session optional pam_ssh.so
The result is one password typing for all consoles and gdm (pam_console) and
for all crypted keys to access remote hosts (pam_ssh) .
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the fedora-extras-list
mailing list