[PATCH] Specify PAM Service name in sshd_config
Damien Miller
djm at mindrot.org
Fri May 17 09:42:54 EST 2013
On Wed, 15 May 2013, Iain Morgan wrote:
> Hmm, what if PAMServiceName supported some % macros? Some candidates
> would be %c for the executable, %m for the authentication method, and %p
> for the server port.
>
> This would allow something like:
>
> PAMServiceName %c-%m
>
> or
>
> PAMServiceName admincli-%m
I think this approach is reasonable. Whomever implements it, please
include host address too :)
I'm not sure what changes will be necessary to support this - remember
that we now offer multiple auth, so a user might run pubkey+kbdint or
GSSAPI+password. Which auth, account and session stack should we run in
these cases?
-d
More information about the openssh-unix-dev
mailing list