Feature request: Allow custom directory for privilege separation in the configuration file. And change the pam module.

Colin Watson cjwatson at debian.org
Mon Aug 5 08:35:06 AEST 2019

On Sun, Aug 04, 2019 at 03:39:02PM +0200, Ramón García wrote:
> In order to be able to have different instances of sshd running in a
> machine (for instance, one for system administrators, other for a file
> transfer service) it should be useful:
> - To allow the administrator to specify the name of the pam module, so
> that one can create a customized file in /etc/pam.d
> - A customized privilege separation directory.

You can do these already - you just need to build OpenSSH from source
yourself.  --with-pam-service and --with-privsep-path are the relevant
./configure options.

Colin Watson                                       [cjwatson at debian.org]

More information about the openssh-unix-dev mailing list