[clug] SSH + PAM
Sam Couter
sam at couter.id.au
Wed Jan 2 09:45:49 GMT 2008
Robert Edwards <bob at cs.anu.edu.au> wrote:
> Option 1: two instances of SSH with different config files, one
> listening on the internal interface/IP address and the other on the
> other. But both need "UsePAM", so how do I tell PAM which SSH is which?
Googling for "ssh pam service name" found me this:
http://marc.info/?l=openssh-unix-dev&m=104871124912817&w=2
Two-second summary is to run sshd with a different program name, either
through your own wrapper that uses execl() with a different argv[0], or
through a symlink.
There could be a problem though, depending on your distribution:
http://osdir.com/ml/network.openssh.devel/2003-04/msg00093.html
says that Debian woody is built with a hard-coded PAM service name that
can't be changed using the aforementioned method.
If that's the case for your distribution, it's not hard to build yourself
a custom package without that configure option.
--
Sam Couter | mailto:sam at couter.id.au
| jabber:sam at teknohaus.dyndns.org
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/linux/attachments/20080102/c75ebbfa/attachment.bin
More information about the linux
mailing list