[PATCH] Specify PAM Service name in sshd_config

Schmidt, Kenneth P kenneth.schmidt at pnnl.gov
Tue May 14 02:22:13 EST 2013


Hello All,

The attached patch allows openssh to specify which pam service name to
authenticate users against by specifying the PAMServiceName attribute in
the sshd_config file.  Because the parameter can be included in the Match
directive sections, it allows different authentication based on the Match
directive.  In our case, we use it to allow different levels of
authentication based on the source of the authentication attempts
(securID auth in untrusted zones, password auth in trusted zones).  The
default is still to use the binary name.

____________________________________________
Ken Schmidt
Research Scientist, Molecular Science Computing Operations
EMSL: Environmental Molecular Sciences Laboratory

Pacific Northwest National Laboratory
902 Battelle Boulevard
P.O. Box 999, MSIN K8-83
Richland, WA  99352 USA
Tel:  509-371-6107
Fax: 509-371-6110
Kenneth.schmidt at pnnl.gov
www.emsl.pnl.gov

This material was prepared as an account of work sponsored by an agency of
the United States Government.  Neither the United States Government nor
the United States Department of Energy, nor any of their employees, nor
Battelle Memorial Institute nor any of its employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for
the accuracy, completeness, or usefulness or any information, apparatus,
product, or process disclosed, or represents that its use would not
infringe privately owned rights.



More information about the openssh-unix-dev mailing list