Provide AcceptEnv variables to a Linux PAM module?

Damien Miller djm at mindrot.org
Wed Oct 16 11:00:59 EST 2013


On Tue, 15 Oct 2013, Ryan Cox wrote:

> At the very least, I would like to find some surefire way to run a
> script (as root or the user) and /etc/ssh/sshrc seems like the only
> option at this point. Is there a way to either 1) ignore any ~/.sshrc
> or 2) tell sshd to run both /etc/ssh/sshrc *and* ~/.sshrc if they
> exist? I couldn't find any mention of that possibility in the manpages
> or code. I suppose I could recompile sshd and have it ignore ~/.sshrc
> but some configuration parameter would be nice.

So, if you are using public key authentication then you can set
the "no-user-rc" key option to disable the ~/.sshrc file. I'd support
adding a configuration option to control this; IMO it makes sense that
one should be able to control this from sshd_config too.

Would you mind filing a bug at https://bugzilla.mindrot.org/ to
request the new option?

-d


More information about the openssh-unix-dev mailing list