[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
Michael Steffens
michael_steffens at hp.com
Thu Nov 7 22:40:37 EST 2002
Frank Cusack wrote:
> On Thu, Nov 07, 2002 at 10:52:02AM +0100, Michael Steffens wrote:
>
>> This is also the reason why I found it too complicated to
>> implement the clean solution 1) for the moment. It would
>> require to tunnel the entire conversation between session
>> daemon and monitor, rather than just doing a request/response
>> between these.
>
>
> The keyboard-interactive authentication method does this (and was designed
> with PAM in mind). It won't work correctly with privsep on (AFAIK).
Ooops, not familiar with that part.
But if it does only work with privsep off I would assume it
doesn't do conversation tunneling between session daemon
and monitor, because there is no monitor?
Or do I have an oversimplified view of the world here? :)
Cheers!
Michael
More information about the openssh-unix-dev
mailing list