From owner-freebsd-hackers Tue Jan 8 0:25:40 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id EF09C37B416; Tue, 8 Jan 2002 00:25:37 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g088Pax67798; Tue, 8 Jan 2002 08:25:36 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g078TAV62670; Mon, 7 Jan 2002 10:29:11 +0200 (SAST) (envelope-from mark@grondar.za) Message-Id: <200201070829.g078TAV62670@grimreaper.grondar.org> To: Jeremy Lea Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Should pam_ssh and xdm work? References: <20020107002223.A64504@shale.csir.co.za> In-Reply-To: <20020107002223.A64504@shale.csir.co.za> ; from Jeremy Lea "Mon, 07 Jan 2002 00:22:23 +0200." Date: Mon, 07 Jan 2002 10:29:09 +0200 From: Mark Murray Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I've uncommented the entries for pam_ssh in /etc/pam.conf, and am trying > to log in via xdm on my local machine. I can type in my SSH passphrase > into the password box, and it authenticates me, and runs my .xsession. > So far, no problems. But it's not setting up the ssh-agent properly. Yes this is a known bug. We need to fix it. > Two copies of ssh-agent appear to be run, and the environment variables > "SSH_AUTH_SOCK" and "SSH_AGENT_PID" are not passed. They are not > available in any xterms, and they do not appear in the environment while > .xsession is being executed. > > Combinations of using "sufficient" and "required" for pam_ssh and > pam_unix do not seem to affect things. Nor should they :-) M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message