Regarding PAM_TTY_KLUDGE and Solaris 8...

Damien Miller djm at
Fri Oct 26 10:14:21 EST 2001

On Thu, 25 Oct 2001, Ed Phillips wrote:

> What is the reasoning behind this?  Do we want to see a lastlog entry for
> "ssh" whenever a user runs remote command?  Do other OSes have
> pam_open_session that does more meaningful things than Solaris 8?
> Well...  I guess the more I think about it, it's probably better to go
> ahead an call pam_open_session even for the non-interactive case since
> someone might want to implement a PAM module at their site that logs every
> ssh connection... and if we don't call pam_open_session, then they don't
> even have that capability if they wanted it.

Some people set rlimits using session modules. Someone even filed a Bugtraq
report about it.


| By convention there is color,       \\ Damien Miller <djm at>
| By convention sweetness, By convention bitterness, \\
| But in reality there are atoms and space - Democritus (c. 400 BCE)

More information about the openssh-unix-dev mailing list