Problem with using both pam_listfile to deny logins and pubkey authentication

Sakari Ailus sakari.ailus at
Thu Feb 14 08:28:19 EST 2002


I'm trying to use to deny logins from all others but few 
users (names in /etc/loginusers). With password authentication it works 
fine, but with public key authentication OpenSSH lets in users whose 
names arent't in /etc/loginusers. AllowUsers in sshd_config does what 
one would expect.

I'm using OpenSSH-3.0.2p1 on Debian testing (package version 
1:3.0.2p1-6) and tried this also on stable (OpenSSH package version 
1:3.0.1p1-0 from unstable); the situation is same there.

Has anyone else noticed this or is it Debian's or my own problem?

auth       required item=user sense=allow 
file=/etc/loginusers onerr=fail
auth       required
auth       required
auth       required # [1]

account    required

session    required
session    optional # [1]
session    optional # [1]
session    optional standard noenv # [1]
session    required

password   required

Sakari Ailus
sakari.ailus at

More information about the openssh-unix-dev mailing list