Feature request: Allow custom directory for privilege separation in the configuration file. And change the pam module.

ramon.garcia.f at gmail.com ramon.garcia.f at gmail.com
Wed Feb 5 02:59:16 AEDT 2020


Bit it would be better as a runtime option.  So that it gets integrated into distributions and one gets security updates.

Having a package compiled by hand, implies having alerts on security updates and applying them by handEl 5 ago. 2019 0:35, Colin Watson <cjwatson at debian.org> escribió:
>
> On Sun, Aug 04, 2019 at 03:39:02PM +0200, Ramón García wrote:
> > In order to be able to have different instances of sshd running in a
> > machine (for instance, one for system administrators, other for a file
> > transfer service) it should be useful:
> > 
> > - To allow the administrator to specify the name of the pam module, so
> > that one can create a customized file in /etc/pam.d
> > - A customized privilege separation directory.
>
> You can do these already - you just need to build OpenSSH from source
> yourself.  --with-pam-service and --with-privsep-path are the relevant
> ./configure options.
>
> -- 
> Colin Watson                                       [cjwatson at debian.org]
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list