Password change required but no TTY available
Daniel Wagner
daniel.wagner at siemens.com
Fri May 25 17:05:06 AEST 2018
Hi Damien,
On 05/25/2018 02:37 AM, Damien Miller wrote:
> I think it's probably okay to allow the PTY in restricted sessions
> generally.
>
> The global PermitTTY option as well as any authorized_keys options will
> still apply.
>
> Does this solve your problem?
>
> diff --git a/auth.c b/auth.c
> index 63366768..4fc95457 100644
> --- a/auth.c
> +++ b/auth.c
> @@ -1080,6 +1080,7 @@ auth_restrict_session(struct ssh *ssh)
>
> /* A blank sshauthopt defaults to permitting nothing */
> restricted = sshauthopt_new();
> + restricted->permit_pty_flag = 1;
> restricted->restricted = 1;
>
> if (auth_activate_options(ssh, restricted) != 0)
Yes, this does also work and it looks way better than my hack :)
Thanks,
Daniel
More information about the openssh-unix-dev
mailing list