bin/112574: sshd(8) ignores nologin(5) if using PAM and public key

Dag-Erling Smørgrav des at des.no
Tue Jun 5 11:00:18 UTC 2007


The following reply was made to PR bin/112574; it has been noted by GNATS.

From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des at des.no>
To: Yar Tikhiy <yar at comp.chem.msu.su>
Cc: bug-followup at freebsd.org
Subject: Re: bin/112574: sshd(8) ignores nologin(5) if using PAM and public key
Date: Tue, 05 Jun 2007 12:42:04 +0200

 Yar Tikhiy <yar at comp.chem.msu.su> writes:
 > Second, it adds an account management function identical to the
 > authentication one so that pam_nologin can always work for sshd.
 
 Strictly speaking, pam_nologin should implement pam_sm_acct_mgmt() and
 *not* implement pam_sm_authenticate().  However, doing so at this point
 would break existing configurations.  You may want to discuss the
 possibility of doing just that for 7.0 with re at .
 
 DES
 --=20
 Dag-Erling Sm=C3=B8rgrav - des at des.no


More information about the freebsd-bugs mailing list