[clug] SSH + PAM

Sam Couter sam at couter.id.au
Wed Jan 2 09:45:49 GMT 2008

Robert Edwards <bob at cs.anu.edu.au> wrote:
> Option 1: two instances of SSH with different config files, one
> listening on the internal interface/IP address and the other on the
> other. But both need "UsePAM", so how do I tell PAM which SSH is which?

Googling for "ssh pam service name" found me this:


Two-second summary is to run sshd with a different program name, either
through your own wrapper that uses execl() with a different argv[0], or
through a symlink.

There could be a problem though, depending on your distribution:


says that Debian woody is built with a hard-coded PAM service name that
can't be changed using the aforementioned method.

If that's the case for your distribution, it's not hard to build yourself
a custom package without that configure option.
Sam Couter         |  mailto:sam at couter.id.au
                   |  jabber:sam at teknohaus.dyndns.org
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/linux/attachments/20080102/c75ebbfa/attachment.bin

More information about the linux mailing list