is sshpam_thread() dead code?
Darren Tucker
dtucker at zip.com.au
Mon Jun 28 20:32:40 EST 2004
Bastian Kleineidam wrote:
> I wondered what part sshpam_thread() (in auth-pam.c) is playing wrt. PAM
> authentication.
> It seems to be never called from any other ssh code (judging from CVS
> as of 27.6.2004).
Look for "pthread_create".
> I noticed this because the current openssh package in Debian unstable
> (3.8.1p1) is not calling the pam_authenticate() function at all,
> regardless of my configuration settings.
Try "PasswordAuthentication no", "ChallengeResponseAuthentication yes"
and "UsePam yes".
> In CVS this seems to be fixed with the recently added function
> sshpam_auth_passwd() in auth-pam.c.
3.7x and 3.8x do not support PasswordAuthentication via PAM, that was
(re)added after 3.8.1p1.
> But what about sshpam_thread(), is this function unneeded now or
> should it be called from somewhere?
It's used for the challengeresponse/keyboard-interactive authentication.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list