This might have been covered before and I've missed it. If so, sorry in advance. The file sshd.pam.generic didn't work for me on Linux RH6, I guess it's a Solaris file. Instead I copied the file /etc/pam.d/rlogin to /etc/pam.d/sshd . I wonder if this isn't a good way to go about things anyway, have an install target that does just that? Perhaps the rsh file is more appropriate for SSH. Perhaps neither - I just haven't looked into PAM in any detail yet, and the above seems to work well. In any case, I think a working Linux PAM config file should be in the distribution. Perhaps someone who knows PAM well can provide one that's good on Linux-PAM? -Andre -- Andre Lucas <andre.lucas at dial.pipex.com> http://dspace.dial.pipex.com/andre.lucas/
On Sun, Jan 16, 2000 at 03:22:24PM +0000, Andre Lucas wrote:> In any case, I think a working Linux PAM config file should be in the > distribution. Perhaps someone who knows PAM well can provide one that's > good on Linux-PAM?I just copy the one used for login, and remove the references to pam_securetty, and it's always worked fine. Under Red Hat Linux 6.1: #%PAM-1.0 #auth required /lib/security/pam_securetty.so auth required /lib/security/pam_pwdb.so shadow nullok auth required /lib/security/pam_nologin.so account required /lib/security/pam_pwdb.so password required /lib/security/pam_cracklib.so password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow session required /lib/security/pam_pwdb.so session optional /lib/security/pam_console.so If I were using another distribution, I'd expect pam_pwdb to be replaced by pam_unix, but the arguments wouldn't need to change. This might be a good one to include in the Red Hat-specific RPM, anyway. Cheers, Nalin
Have you checked in the redhat-specific directory in the OpenSSH source tree? There's a pam config file there that works nicely. -- jim knoble jmknoble at pobox.com P? 2000-Jan-16 klokka 15:22:24 +0000 skrivet Andre Lucas: : This might have been covered before and I've missed it. If so, sorry in : advance. : : The file sshd.pam.generic didn't work for me on Linux RH6, I guess it's : a Solaris file. Instead I copied the file /etc/pam.d/rlogin to : /etc/pam.d/sshd . I wonder if this isn't a good way to go about things : anyway, have an install target that does just that? : : Perhaps the rsh file is more appropriate for SSH. Perhaps neither - I : just haven't looked into PAM in any detail yet, and the above seems to : work well. : : In any case, I think a working Linux PAM config file should be in the : distribution. Perhaps someone who knows PAM well can provide one that's : good on Linux-PAM?
On Sun, 16 Jan 2000, Andre Lucas wrote:> This might have been covered before and I've missed it. If so, sorry in > advance. > > The file sshd.pam.generic didn't work for me on Linux RH6, I guess it's > a Solaris file. Instead I copied the file /etc/pam.d/rlogin to > /etc/pam.d/sshd . I wonder if this isn't a good way to go about things > anyway, have an install target that does just that?You are probably after packages/redhat/sshd.pam. That is the one I use in the RPMs. Regards, Damien -- | "Bombay is 250ms from New York in the new world order" - Alan Cox | Damien Miller - http://www.mindrot.org/ | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)