PAM_MOUNT and SSH
Murray Trainer
mtrainer at central-data.net
Wed Mar 16 06:11:35 UTC 2005
On Wed, 2005-03-16 at 13:30, Darren Tucker wrote:
> Murray Trainer wrote:
> > Are there any workarounds for the problem below.
>
> [with pam_mount and...]
>
> >>"Jan 21 15:38:07 SUSE92 PAM-warn[30346]: function=[pam_sm_acct_mgmt]
> >>service=[sshd] terminal=[ssh] user=[dawsona] ruser=[<unknown>]
> >>rhost=[localhost]
> >>Jan 21 15:38:07 SUSE92 sshd[30345]: Accepted keyboard-interactive/pam
> >>for dawsona from ::ffff:127.0.0.1 port 1443 ssh2
>
> For OpenSSH 3.9p1 and 4.0p1, you can set the following in sshd_config:
>
> ChallengeResponseAuthentication no
> PasswordAuthentication yes
>
> For the gory details about why this problem fixes the problem, see:
> http://bugzilla.mindrot.org/show_bug.cgi?id=688
>
> There is also an issue with unmounting the the fs at logoff. There is a
> patch for that at the bug below, however that will only work when privsep
> is disabled.
> http://bugzilla.mindrot.org/show_bug.cgi?id=926
>
> If you're interested in testing a patch to fix it for privsep too (when I
> get a chance to write one, that is) please feel free to add yourself to
> the bug's CC list so you will get notified when it changes.
Hi Darren,
I tried using ChallengeResponseAuthentication no and
PasswordAuthentication yes. It worked OK for ssh sessions but we are
tunneling NX sessions through SSH and the NX server had a problem with
that configuration. I look forward to testing any patches you can come
up with.
Thanks
Murray
More information about the Pam-list
mailing list