[Bug 2408] Expose authentication information to PAM

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Feb 24 21:50:51 AEDT 2016


Vincent Brillault <git at lerya.net> changed:

           What    |Removed                     |Added
   Attachment #2791|0                           |1
        is obsolete|                            |

--- Comment #4 from Vincent Brillault <git at lerya.net> ---
Created attachment 2792
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2792&action=edit
Expose successful auth methods via environments (pam and shell)

Dear all,

Sorry for the spamming, but I just realized that it is possible to
expose the 'displayname" of gssapi authentication without a big
modification. This new patch now exposes it but unfortunately I was
only able to test a port of this patch on Centos sources and not this
one directly as the only kerberos-enabled system I have is a Centos

This patch is now feature-complete with the feature I was thinking
about, but if you see an authentication method that I missed and could
also expose relevant information, please tell me.

In the end this patch creates two new functions, both returning  a
char* which needs to be freed:
- ssh_gssapi_get_displayname to get the displayname from a gssapi
- sshkey_format_oneline to format a ssh key as it was formated in
I'm not really good at naming and if anyone has better names for these
function, your advice would be appreciated.

Thanks in advance,
Vincent Brillault

PS: individual patches can be found on github:

You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list