Keyboard-interactive authentication from a PAM module

Josele Lerele josimapi at
Thu Nov 6 20:08:12 EST 2008

I am using version 5.1. I know you can send information through the banner,
but I would like to send dynamic information from the PAM module. Do you
think this is possible without prompting something in the client?

2008/11/6 Darren Tucker <dtucker at>

> Josele Lerele wrote:
>> Hello,
>> I am developing a PAM module that is called from OpenSSH server when a
>> ssh-client wants to login in the machine. I want my module PAM to send a
>> message to the ssh-client as soon as the PAM module is called by using the
>> pam_info function, but I have checked that the message is not instantly
>> shown in the client unless I send a prompt.
>> I would like to find a way to send the message instantly from my PAM
>> module
>> without prompting. Any suggestions?
> What version of OpenSSH are you using?  Modern versions will send a SSH2
> banner message if they get a conversation request from PAM without a prompt.
> --
> Darren Tucker (dtucker at
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>    Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.

More information about the openssh-unix-dev mailing list