[Bug 1215] sshd requires entry from getpwnam for PAM accounts

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Oct 2 10:14:01 EST 2006


http://bugzilla.mindrot.org/show_bug.cgi?id=1215





------- Comment #4 from dtucker at zip.com.au  2006-10-02 10:14 -------
(In reply to comment #3)
> Is it included in 4.4p1?

No, it's not in 4.4p1.  I'm still not convinced it's a good idea and it
has not been tested or reviewed much.

> If yes, is that mean user can ssh with pam
> auth success even if s/he do not have a local account?

If you apply the patch then yes, you should be able to log into a
system using a username that does not exist in the local passwd file
(or wherever's listed in nsswitch.conf) provided that PAM accepts the
username, permits the login and maps PAM_USER to a name that does exist
before the end of the authentication.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-bugs mailing list