pam.d/sshd
Nikolay Pavlov
quetzal at zone3000.net
Fri Dec 1 11:20:51 PST 2006
On Thursday, 23 November 2006 at 9:53:26 +0100, Stefan Thurner wrote:
> Hi!
>
> I would like to activate ssh-agent automatically if I login
> via ssh.
>
> My /etc/pam.d/sshd looks like:
>
> # auth
> auth required pam_nologin.so no_warn
> auth sufficient pam_opie.so no_warn no_fake_prompts
> auth requisite pam_opieaccess.so no_warn allow_local
> auth required pam_unix.so no_warn try_first_pass
> auth optional pam_ssh.so no_warn try_first_pass
>
> # account
> account required pam_login_access.so
> account required pam_unix.so
>
> # session
> session optional pam_ssh.so
> session required pam_permit.so
>
> # password
> password required pam_unix.so no_warn try_first_pass
>
> At ssh login I have to type in login password and password
> for my ssh-key as expected but no ssh-agent is started. Any
> ideas?
Hi Stefan.
/etc/pam.d/sshd pam file is for sshd server not for ssh client.
If you want to use ssh-agent whole the time your box is online you
should start it right after login. In order to doing this add
"session optional pam_ssh.so want_agent"
line into session facility of /etc/pam.d/system file (it's included
into /etc/pam.d/login so don't worry). If you prefer X terminals add
this string to /etc/pam.d/kdm or gdm or xdm file.
Don't forget to load you privat key with ssh-add command first time you
use ssh.
>
> best regards
> -Stefan
> --
> Chemnitz University of Technology / Welding Engineering
> Stefan Thurner
> Phone / Fax: +49 371 531-32403 / -23729
> Email: stefan.thurner at mb.tu-chemnitz.de
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
--
======================================================================
- Best regards, Nikolay Pavlov. <<<-----------------------------------
======================================================================
More information about the freebsd-stable
mailing list