On Mar 14,  3:51pm, entropy@entropy.homeip.net (maximum entropy) wrote:
-- Subject: Re: pam, ssh, and pam_ssh

| # ssh -l entropy localhost
| Connection closed by 127.0.0.1
| 
| Can you explain to me why you think this has anything to do with 
| authorized_keys?  I see no mention of authorized_keys in the pam_ssh 
| manpage.  It seems to me that even if you accomplish what I think you're 
| trying to accomplish, then you're changing pam_ssh to do something 
| fundamentally different from what it's documented to do.
| 
| Why are you so opposed to just disabling pam_ssh by default?  How is it 
| in anyone's best interest for this to be the default behavior?  Several 
| of us have already been burned by this.  If I got this behavior from a 
| release I'd be furious right now...

We can disable pam_ssh; I am not opposed to it at all. I am just
trying to understand how pam_ssh is supposed to work in that framework.
So if we disable pam_ssh from /etc/pam.d/sshd, do we disable UsePam from
/etc/ssh/sshd_config? What happens for password authentication then?

christos