sshd does not flush PAM messages
Ondřej Velíšek
ondrejvelisek at gmail.com
Thu Dec 13 20:14:22 AEDT 2018
Hi,
I would like to report a problem. It seems OpenSSH server does not flush PAM
messages unless it is a prompt or the PAM terminates. I've tried it with
OpenSSH and Dropbear clients. I tested my own PAM module which simply
sends a non-prompting message and sleeps. Used raw C and Python PAM
bridge. Both the same results.
sshd -V
OpenSSH_7.2p2 Ubuntu-4ubuntu2.6, OpenSSL 1.0.2g 1 Mar 2016
steps:
- create PAM which sends PAM_TEXT_INFO message and then executes sleep(10)
- configure sshd to use it and run the server
- try to connect with client
- ssh display nothing until 10 sec
Is it intentional? I believe it should not be. There are
authentication methods which do not need to prompt the user. For example
OAuth2 Device code method.
cheers
Ondrej
More information about the openssh-unix-dev
mailing list