From owner-freebsd-security  Mon Jul 16  2: 3:55 2001
Delivered-To: freebsd-security@freebsd.org
Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.39])
	by hub.freebsd.org (Postfix) with SMTP id 46DF437B40A
	for <security@freebsd.org>; Mon, 16 Jul 2001 02:03:49 -0700 (PDT)
	(envelope-from roam@orbitel.bg)
Received: (qmail 1928 invoked by uid 1000); 16 Jul 2001 09:08:03 -0000
Date: Mon, 16 Jul 2001 12:08:03 +0300
From: Peter Pentchev <roam@orbitel.bg>
To: Shila Ofek <shila_ofek@hotmail.com>
Cc: green@freebsd.org, security@freebsd.org
Subject: Re: OpenSSH UseLogin parameter
Message-ID: <20010716120803.A1766@ringworld.oblivion.bg>
Mail-Followup-To: Shila Ofek <shila_ofek@hotmail.com>,
	green@freebsd.org, security@freebsd.org
References: <F174xhJTANZwwPcMFlF000022d8@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <F174xhJTANZwwPcMFlF000022d8@hotmail.com>; from shila_ofek@hotmail.com on Mon, Jul 16, 2001 at 11:22:14AM +0300
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Mon, Jul 16, 2001 at 11:22:14AM +0300, Shila Ofek wrote:
> When the ssh user authentication is a password authentication, I want to use 
> PAM.  It seems that the OpenSsh daemon does not work with PAM, so I thought 
> that using the regular login, I will get PAM integration for free.
> So, is it possible to work with the UseLogin to use the regular login 
> program?  What do I have to do to use it properly?
> Or, is there a possibility, the the OpenSSH daemon will work with PAM when 
> it's doing password authentication?

The OpenSSH daemon does work with PAM.  Do you have the proper configuration
lines in your /etc/pam.conf file, though?  Post the output of:

  grep '^sshd' /etc/pam.conf

G'luck,
Peter

-- 
If there were no counterfactuals, this sentence would not have been paradoxical.

> >From: "Brian F. Feldman" <green@freebsd.org>
> >To: "Shila Ofek" <shila_ofek@hotmail.com>
> >CC: security@freebsd.org
> >Subject: Re: OpenSSH UseLogin parameter
> >Date: Thu, 12 Jul 2001 15:59:45 -0400
> >
> >"Shila Ofek" <shila_ofek@hotmail.com> wrote:
> > > Hello,
> > > I'm trying to get an openssh daemon to work with the regular login, 
> >using
> > > the UseLogin parameter in the daemon's configuration file.
> > > But, it doesn't work...
> > > Does anyone have any experience with this?
> > >
> > > Thanks,
> > >       Shila Ofek.
> >
> >Why exactly would you want to do this?  If there are bugs that you know
> >about in OpenSSH's login code, they should be reported.  OpenSSH is meant 
> >to
> >work without using login, supporting all the functionality login has.  Let
> >me know exactly what problems you're having.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message