PAM_RUSER never set under ssh2?
Broadfoot, Kieran J
Kieran.Broadfoot at gs.com
Sat Jul 19 01:13:52 EST 2003
Everyone,
First my apologies if this has been discussed before on this list, I was
unable to
find reference to it in the archives. I have a pam module that requires
PAM_RUSER
to be set however Ive found that if I connect to the remote server (where
the pam
module is installed) via ssh the PAM_RUSER variable is never set.
The PAM_RUSER variable is set within auth-pam.c (line 239 in 3.6p1) as such:
int do_pam_account(char *username, char *remote_user)
{
...
if (remote_user) {
debug("PAM setting ruser to \"%.200s\"", remote_user);
pam_retval = pam_set_item(__pamh, PAM_RUSER, remote_user);
however do_pam_account() is called in only two locations (auth2.c and
monitor.c) and
in both cases remote_user is passed as NULL. As such the PAM_RUSER variable
is never
set.
Although auth1.c (i.e SSH1) does indeed seem to pass something useful to
do_pam_account
unfortunately we need to be using SSH2 only on the server due to other
constraints.
Does anyone have any idea how this can be circumvented? Am I missing an
obvious config
file option? Thanks in advance for any help in this matter, I will of
course pass
back any solutions.
Thanks
kieran
More information about the openssh-unix-dev
mailing list