SSHD and PAM
Jakub Jelen
jjelen at redhat.com
Wed Jan 3 20:04:39 AEDT 2018
On Wed, 2018-01-03 at 13:50 +0530, Sudarshan Soma wrote:
> HI, I do see some refernce on it: but seems not closed
> https://marc.info/?l=secure-shell&m=115513863409952&w=2
>
> http://bugzilla.mindrot.org/show_bug.cgi?id=1215
>
>
> Is this patch available in latest versions, 7.6?
No. It never was.
The SSSD is using NSS (Name Service Switch) [1] way of getting
credentials. It allows to get them from many sources.
[1] https://en.wikipedia.org/wiki/Name_Service_Switch
Regards,
Jakub
> On Wed, Jan 3, 2018 at 1:48 PM, Sudarshan Soma <sudarshan12s at gmail.co
> m>
> wrote:
>
> > Hi I am trying to write pam_radius module which talks to RADIUS
> > server for
> > aaa.
> >
> > I see sshd checks /etc/passwd for user list. Since RADIUS server
> > has user
> > list, can sshd ignore this check for RADIUS/TACACS+ authentication,
> > Please
> > suggest if there are any flags to control it.
> >
> > I am using the following versions.
> > OpenSSH_6.6p1, OpenSSL 1.0.2n 7 Dec 2017
> >
> > I see sssd (NAS) being used for such use cases, how does sshd
> > ignore
> > /etc/passwd in those cases.
> > Please suggest
> >
> > Regards,
> > Ivan.
> >
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat, Inc.
More information about the openssh-unix-dev
mailing list