Changing PAM service name in sshd_config, or running sshd as non-root
Michael Tokarev
mjt at tls.msk.ru
Sat Apr 5 00:13:39 EST 2003
Jim Knoble wrote:
> Circa 2003-03-26 19:25:25 +0300 dixit Michael Tokarev:
>
> : Currently, openssh's PAM service name is a compile-time choice.
>
> [...]
>
> : So, that to say - why there is no e.g. PamServiceName configuration
> : option in sshd_config?
>
> There is one, it's just called something different:
>
> ln -s /path/to/sshd /path/to/your-favorite-ssh-service-name
>
> OpenSSH's sshd uses the basename of argv[0] as the service name, as you
> would know if you were to read the INSTALL file that accompanies
> OpenSSH-3.5p1.
In my /etc/pam.d/, there is no file named `sshd', but there is a file
`ssh' (without trailing `d'). Yet sshd works.
Well, that's may be due to the fact that I use openssh that comes with
debian woody, i.e. openssh-3.4p1.
Either way, it would be much more reliable if sshd will use e.g.
PamServiceName from sshd_config.
/mjt
More information about the openssh-unix-dev
mailing list