From owner-freebsd-pf@FreeBSD.ORG  Tue May 31 12:25:48 2005
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
X-Original-To: freebsd-pf@freebsd.org
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A4C0916A41C
	for <freebsd-pf@freebsd.org>; Tue, 31 May 2005 12:25:48 +0000 (GMT)
	(envelope-from jw@innerewut.de)
Received: from smtprelay03.ispgateway.de (smtprelay03.ispgateway.de
	[80.67.18.15]) by mx1.FreeBSD.org (Postfix) with ESMTP id DD2D443D1D
	for <freebsd-pf@freebsd.org>; Tue, 31 May 2005 12:25:47 +0000 (GMT)
	(envelope-from jw@innerewut.de)
Received: (qmail 9494 invoked from network); 31 May 2005 12:25:44 -0000
Received: from unknown (HELO [192.168.0.200]) (068076@[85.178.225.13])
	(envelope-sender <jw@innerewut.de>)
	by smtprelay03.ispgateway.de (qmail-ldap-1.03) with DES-CBC3-SHA
	encrypted SMTP
	for <marco+freebsd-pf@lordsith.net>; 31 May 2005 12:25:44 -0000
User-Agent: Microsoft-Entourage/11.1.0.040913
Date: Tue, 31 May 2005 14:25:43 +0200
From: Jonathan Weiss <jw@innerewut.de>
To: Marco van Lienen <marco+freebsd-pf@lordsith.net>,
	FreeBSD-PF <freebsd-pf@freebsd.org>
Message-ID: <BEC22467.25DA7%jw@innerewut.de>
In-Reply-To: <20050531102855.GA40275@lordsith.net>
Mime-version: 1.0
Content-type: text/plain;
	charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: 
Subject: Re:authpf does authenticate but gives no shell
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2005 12:25:48 -0000


> I've tried only changing the class entry via chpass(1) to authpf and keeping
> the admin users' original shell (/usr/local/bin/bash (according to
> /var/log/messages this wouldn't allow me onto the box; it was warning about
> wrong
> shell or something)).
> After then changing the user shell to /usr/sbin/authpf it atleast echoes the
> Welcome text with the contents of /etc/authpf/authpf.message but then I don't
> get a prompt to input shell commands.
> 

As far as I know, authpf is only for authentification. This means that it
will activate you rules, nothing more. It is not a shell or will it fork to
your shell.

You need a second SSH connection for this.

Please somebody correct me if I'm wrong.

> Hope someone can help me out here.
> 
> Cheers.
> Marco


Jonathan
--

Jonathan Weiss
jw@innerewut.de
http://blog.innerewut.de