pam.d/sshd

[Daniel O'Connor]

On Thursday 23 November 2006 19:46, Oliver Fromme wrote:
> Stefan Thurner wrote:
>  > I would like to activate ssh-agent automatically if I login
>  > via ssh.
>
> As far as I know there is no mechanism to start ssh-agent
> automatically.  (Someone please correct me if I'm wrong.)

You're wrong :)

I have all of my pam.d config files include a single system file so I can
control it all in one place.

I have this for auth ->
# auth
auth            sufficient      pam_opie.so             no_warn no_fake_prompts
auth            requisite       pam_opieaccess.so       no_warn allow_local
auth            sufficient      pam_ssh.so
auth            required        pam_unix.so             no_warn use_first_pass nullok

And this for session ->
# session
session         optional        pam_ssh.so              want_agent
session         required        pam_lastlog.so          no_fail

(the session stuff is what starts ssh-agent)

-- 
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20061123/c524ec08/attachment.pgp