From owner-freebsd-bugs Tue Jan 11 19:20: 6 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 7F68315090 for ; Tue, 11 Jan 2000 19:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id TAA57694; Tue, 11 Jan 2000 19:20:02 -0800 (PST) (envelope-from gnats@FreeBSD.org) Received: from tempest.waterspout.com (tempest.waterspout.com [208.13.56.2]) by hub.freebsd.org (Postfix) with ESMTP id 29BF5154C1; Tue, 11 Jan 2000 19:14:53 -0800 (PST) (envelope-from ajk@tempest.waterspout.com) Received: (from ajk@localhost) by tempest.waterspout.com (8.9.3/8.9.3) id WAA02411; Tue, 11 Jan 2000 22:14:45 -0500 (EST) (envelope-from ajk) Message-Id: <200001120314.WAA02411@tempest.waterspout.com> Date: Tue, 11 Jan 2000 22:14:45 -0500 (EST) From: ajk@waterspout.com Reply-To: ajk@waterspout.com To: FreeBSD-gnats-submit@freebsd.org Cc: mark@grondar.za, phantom@freebsd.org X-Send-Pr-Version: 3.2 Subject: conf/16076: [PATCH] pam_ssh examples for /etc/pam.conf Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 16076 >Category: conf >Synopsis: [PATCH] pam_ssh examples for /etc/pam.conf >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Jan 11 19:20:01 PST 2000 >Closed-Date: >Last-Modified: >Originator: Andrew J. Korty >Release: FreeBSD 4.0-CURRENT i386 >Organization: Waterspout Communications, Inc. >Environment: FreeBSD tempest.waterspout.com 4.0-CURRENT FreeBSD 4.0-CURRENT #24: Sat Dec 4 08:11:45 EST 1999 root@tempest.waterspout.com:/usr/src/sys/compile/TEMPEST i386 >Description: Recently, several entries were added to /etc/pam.conf to make PAM more functional out of the box. Why not add these example entries (commented out) for using the pam_ssh module that comes with the OpenSSH port with XDM/KDM/GDM? >How-To-Repeat: Apply this patch and uncomment the indicated lines to activate the pam_ssh module. >Fix: --- pam.conf.orig Tue Jan 11 17:52:47 2000 +++ pam.conf Tue Jan 11 17:55:50 2000 @@ -24,6 +24,14 @@ # XDM is difficult; it fails or moans unless there are modules for each # of the four management groups; auth, account, session and password. +# +# Uncomment the following three lines to use the pam_ssh module that +# comes with the OpenSSH port (/usr/ports/security/openssh). +# +#xdm auth requisite pam_cleartext_pass_ok.so +#xdm auth sufficient pam_ssh.so try_first_pass +#xdm session optional pam_ssh.so + xdm auth required pam_unix.so #xdm auth sufficient pam_kerberosIV.so try_first_pass xdm account required pam_unix.so try_first_pass >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message