sshd: PAM + key authentication
cedric at decemplex.net
Sat Mar 3 20:38:47 UTC 2007
I set up a some sshd servers which authenticates their users through a
LDAP DB. To realize this, I used PAM.
Everything ok until now.
Then, via PAM (pam_filter) and the host attribute in the LDAP DB, I only
allowed logon on specifical hosts for some users.
After that, I tested this last functionality: I tried to login on a
disallowed host, and it fails - so it works as expected. For this test,
I used password authentication. Later, I tried the same test with key
authentication, and could log in...
After some more investigations, it seems sshd ignores PAM when someone
tries to log in with a key... is there some way to force sshd to
consider PAM in case of key authentication?
Cédric Jonas cedric at decemplex.net
GPG ID: 30CCFE8D
GPG Key: http://box.decemplex.net/~cedric/cedric.key.asc
GPG Fingerprint: CF03 E1FD 9428 1B6B E971 B107 9044 AA99 30CC FE8D
Jabber-ID: cedric at decemplex.net
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070303/c766b76b/signature.pgp
More information about the freebsd-questions