Re: Public key auth and PAM
From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 12/09/03
- Next message: Darren Tucker: "Re: Trapping banner displayed by sshd during ssh / scp?"
- Previous message: Anne & Lynn Wheeler: "Re: Pub/priv key security"
- In reply to: David Hajek: "Public key auth and PAM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 09 Dec 2003 00:57:27 GMT
In article <br21f7$6gr$1@server4.gts.cz>, David Hajek <david@hajek.net> wrote:
>I think that PAM isn't taken into acount when public key authentication is
>on. I disabled access in PAM for all users and allowed login for only thouse
>which are listed via pam_list_file. But I found that all users are still
>allowed to login when they're use public key.
>
>Is it possible to tell SSH to check PAM access controls even public keys are
>on?
You need to add pam_list_file to the account part of the PAM config,
not just auth. Then it should do what you want, as sshd already checks
the status of pam_acct_mgmt().
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- Next message: Darren Tucker: "Re: Trapping banner displayed by sshd during ssh / scp?"
- Previous message: Anne & Lynn Wheeler: "Re: Pub/priv key security"
- In reply to: David Hajek: "Public key auth and PAM"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
