search for: pamacctservice

Hello, There is a simple but sometimes important omission in access decision logic in OpenSSH. It checks against PAM for all authentication methods - it *is* good. But it provides no means to distinguish, in PAM configuration, which method has been used for the authentication. It is sometimes crucial to be able to distinguish between different ways of authentication, to make the right

I added a few features to openssh for my local use that I think would be more broadly useful. I basically added access control lists to control who would be allowed public key authentication. I added four config file entries for the server: PubkeyAllowUsers PubkeyDenyUsers PubkeyAllowGroups PubkeyDenyGroups These follow the same sematics as the already existing entries for