Date: Tue, 14 Oct 2003 10:49:09 +0200 From: Volker Stolz <stolz@i2.informatik.rwth-aachen.de> To: Joe Kelsey <joek@mail.flyingcroc.net> Cc: stable@freebsd.org Subject: Re: Using pam_ssh with gdm Message-ID: <20031014084909.GB17718@i2.informatik.rwth-aachen.de> In-Reply-To: <3F8ABD15.2070601@mail.flyingcroc.net> References: <3F8ABD15.2070601@mail.flyingcroc.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Am 13. Oct 2003 um 16:56 CEST schrieb Joe Kelsey: > first try, logging the following to syslog: > Oct 13 07:24:30 zircon gdm[186]: Couldn't open session for joek > > Then, gdm resets and I reenter the password and passphrase. The second > time, I get in. Apparantly, now ssh-agent has started, but pam_ssh did > not pass along any authentication information, so I have to call ssh-add > by hand to actually enter the key information. This means that every > time I log in, I have to type my password twice and my passphrase three > times. The first thing you're probably experiencing is this: http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/45669 Description The pam_ssh module uses popen() to start an ssh-agent for the user during PAM authentication. However, pclose() causes the pam-module to return an error if somebody else already called waitpid(-1,...) because now pclose returns -1 and errno is set to ECHILD (observed with gdm who uses a whole bunch of processes). -- http://www-i2.informatik.rwth-aachen.de/stolz/ *** PGP *** S/MIME rage against the finite state machine
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031014084909.GB17718>