ssh daemon fails to call pam when user does not exist in /etc/passwd
Darren Tucker
dtucker at zip.com.au
Tue Jun 15 19:33:13 EST 2004
Jayarama Vijay Kumar wrote:
> We recenlty ugraded to openssh-3.7.1p2. Our architecture is
> ssh daemon uses pam module which sends request to remote
> radius/tacacs+ servers based on configuration.
> Now if I create the user in /etc/passwd, then ssh daemon calls pam and
> everthing works fine.
> But if the user is not present in /etc/passwd, then ssh daemon is not
> calling pam. The debug log is given below. All these were working in
> prior versions. Any idea why there is dependency on local user accounts
> ? I have also given sshd's pam file
I posted a patch for this a while back (attached). It's only been
lightly tested but it's worth a try.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: openssh-chall2-no-leak.patch
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040615/c6299c7a/attachment.ksh
More information about the openssh-unix-dev
mailing list