openssh and pam_ldap

[Jason McCormick]

> Of course, one can turn on UsePAM, but the warnings in sshd_config
> make me nervous.  Also, running a few tests, it's a little too
> insecure for my liking. 

  If you're going to use pam_ldap you're going to have to set UsePAM = 
yes.  Else ssh isn't going to contact your PAM stack to do anything.  
UsePAM used to default to 'yes' until 3.8p1.  If you have UsePAM = no, 
then SSH will only try to use shadow passwords.

-- Jason