OpenSSH and PAM
Paul Nicholas Faure
paul at engsoc.org
Mon Sep 11 06:34:38 EST 2000
Does OpenSSH support PAM fully ?
OpenSSH does not prompt the user for a new password if it has expired. It
simply says "Warning: You password has expired, please change it now".
My /etc/pam.d/sshd file is:
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so retry=3
password required /lib/security/pam_unix.so shadow nullok use_authtok nis
session required /lib/security/pam_unix.so
session optional /lib/security/pam_console.so
My /etc/pam.d/login file is the same as /etc/pam.d/sshd. And telnet
properly prompts me for a password.
--
Paul Faure paul at paulfaure.com
Carleton University Systems Engineer 3rd Year paul at porkchop.org
Engsoc Admin/BOG Technical Director paul at engsoc.org
More information about the openssh-unix-dev
mailing list