3.7.1P2, PermitRootLogin and PAM with hidden NISplus passwor ds
Darren Tucker
dtucker at zip.com.au
Wed Nov 19 20:06:10 EST 2003
Markus Friedl wrote:
>
> On Wed, Nov 19, 2003 at 01:09:18AM +1100, Darren Tucker wrote:
[snip]
> > Maybe we need a more general "AllowedRootAuthMethods" option? Maybe not.
> > Perhaps "PermitRootLogin pubkey-only"?
>
> IMHO it's PAM's job to control access if PAM is used.
I agree, however how can it make decisions involving SSH public-key
authentications? Ie, how could you implement the equivalent of
"PermitRootLogin pubkey-only" purely in PAM?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list