PAM & Configure
Andrew Morgan
morgan at transmeta.com
Wed Jan 17 12:08:37 EST 2001
The Linux implementation didn't embrace all of the X/Open draft. It had
a whole lot of half thought out domain and secondary sign on extensions
that weren't well designed.
It is true that the Linux implementation extended stuff a little. But we
have strived very hard to maintain backward compatibility with the
original Sunsoft RFC.
I believe that the root of Damien's problem is that Linux distributions
ship with a default deny option for the 'other' service, whereas other
implementations ship with an 'other' that permits service. Also the
pam_unix module is not necessarily the default configuration on all
systems, so providing a default sshd configuration file (without which
sshd won't work out of the box) is not a trivial task.
It seems that third parties will want to package openshh in their own
format (not just as source code), so I can well understand this
decision.
Cheers
Andrew
More information about the openssh-unix-dev
mailing list