Date: Mon, 13 Oct 2003 09:35:00 -0700 From: Joe Kelsey <joek@mail.flyingcroc.net> To: Alexander Leidinger <Alexander@Leidinger.net> Cc: freebsd-gnome@freebsd.org Subject: Re: Using pam_ssh with gdm Message-ID: <3F8AD434.5080104@mail.flyingcroc.net> In-Reply-To: <20031013175044.024edc99.Alexander@Leidinger.net> References: <3F8ABD15.2070601@mail.flyingcroc.net> <20031013175044.024edc99.Alexander@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexander Leidinger wrote: > On Mon, 13 Oct 2003 07:56:21 -0700 > Joe Kelsey <joek@mail.flyingcroc.net> wrote: > > >>I want to use pam_ssh with gdm to "streamline" my login. From reading >>the pam_ssh man page, it claims that the session module starts ssh-agent >>and passes any authenticated keys. Keys get authenticated during the >>"auth" phase. >> >>I currently have the following lines in /etc/pam.conf: > > > I use it with xdm (on -current), try this instead: > ---snip--- > gdm auth sufficient pam_ssh.so no_warn try_first_pass > gdm auth required pam_unix.so no_warn try_first_pass > > gdm account required pam_unix.so > > gdm session optional pam_ssh.so > gdm session required pam_permit.so > ---snip--- > > Use your ssh password to login. Thanks. That seems to solve the problem of the first attempt always fails, but it still does not solve the problem of passing my authorized keys to ssh-agent. The ssh-agent still has no identities loaded and I still have to run ssh-add separately in order to get the identities in. I don't know if I really like the idea of using just my ssh pass phrase and eliminating my UNIX password, but I guess I can recover from 25 years of typing my UNIX password(s) eventually... /Joe
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F8AD434.5080104>