Mapping username in PAM and OpenSSH

[Francesco Di Natale]

Hello all,

I have been looking in the archives that somebody talks about changing the
username by using PAM (
http://www.redhat.com/archives/pam-list/2008-November/msg00009.html).

I am facing with the same problem. I would like to access using OpenSSH
another machine in which there is a PAM module that carry out a change of
user. Let me explain it better. What I am trying to do is:

   1. Through OpenSSH the user inputs as username 'anonymous' and password
   'anonymous' too.
   2. The PAM module tries to map 'guest' to 'system' and doesn't mind about
   the password.
   3. The final result would be to see the prompt showing 'system at mycomputer$'
   and the corresponding folder mounted as the working one.

This is the piece of code that is supposed to make the change of user:

int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,const char
**argv)
{

int retval = pam_set_item(pamh, PAM_USER, "system");

return PAM_SUCCESS;

}


BUT the log says that 'anonymous' is not a valid user and it doesn't log as
'system'. My questions are:


   - Despite the fact that I have created 'anonymous' as user, I haven't
   been capable of mapping the user 'system' with PAM.
   - I have taking a look to NSS (which is one of the solutions given in the
   previously mentioned thread) and don't know how does it fit in this
   structure. Am I wrong?
   - Is OpenSSH fault because it seems that doesn't take into account the
   change of user?
   - Is user mapping possible in this structure (OpenSSH + PAM)?

I apologize for such a long mail but I just wanted to be accurate.

Thanks a lot
Have a great day
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20090108/76024806/attachment.htm>