Subject: Re: pam, ssh, and pam_ssh
To: maximum entropy <entropy@entropy.homeip.net>
From: Christos Zoulas <christos@zoulas.com>
List: current-users
Date: 03/14/2005 18:33:02
On Mar 14, 3:51pm, entropy@entropy.homeip.net (maximum entropy) wrote:
-- Subject: Re: pam, ssh, and pam_ssh
| # ssh -l entropy localhost
| Connection closed by 127.0.0.1
|
| Can you explain to me why you think this has anything to do with
| authorized_keys? I see no mention of authorized_keys in the pam_ssh
| manpage. It seems to me that even if you accomplish what I think you're
| trying to accomplish, then you're changing pam_ssh to do something
| fundamentally different from what it's documented to do.
|
| Why are you so opposed to just disabling pam_ssh by default? How is it
| in anyone's best interest for this to be the default behavior? Several
| of us have already been burned by this. If I got this behavior from a
| release I'd be furious right now...
We can disable pam_ssh; I am not opposed to it at all. I am just
trying to understand how pam_ssh is supposed to work in that framework.
So if we disable pam_ssh from /etc/pam.d/sshd, do we disable UsePam from
/etc/ssh/sshd_config? What happens for password authentication then?
christos