pam.d/sshd

Nikolay Pavlov quetzal at zone3000.net
Sat Dec 2 10:56:04 PST 2006


On Friday,  1 December 2006 at 21:02:45 +0100, Stefan Thurner wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> > Hi Stefan.
> > /etc/pam.d/sshd pam file is for sshd server not for ssh client.
> > If you want to use ssh-agent whole the time your box is online you
> > should start it right after login. In order to doing this add 
> > "session         optional        pam_ssh.so              want_agent"
> > line into session facility of /etc/pam.d/system file (it's included
> > into /etc/pam.d/login so don't worry).
> 
> Hi Nikolay!
> 
> Thats right and I have such a line in may pam.d/system file. But what I
> want is that ssh-agent is started on the remote host if I login on the
> remote host. Therefore I added the described lines in the pam.d/sshd
> file on the remote host.
> 
> The password for ssh-key is requested if I login on the remote host (as
> it should) but no ssh-agent is started. I'm quite sure that it is a bug
> in pam_ssh.so. When bug reporting on the freebsd site is working again I
> will send in a problem report.

Yes. You are right. Even with "want_agent" ssh-agent is started, but do
not contain key decripted during the authentication phase.

> 
> best regards
> - -Stefan
> - --
> GPG-encrypted mail welcome! --> ID:E970FCBE
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (FreeBSD)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFFcIplxNmQVulw/L4RApPYAJ9C2frkDjE3AlKdQh/unv38E1YbjwCgtPaZ
> 6lio3DnQJBfjh+azcAyD9fA=
> =Rebv
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"

-- 
======================================================================  
- Best regards, Nikolay Pavlov. <<<-----------------------------------    
======================================================================  



More information about the freebsd-stable mailing list