also sprach Adrian von Bidder <avbidder@fortytwo.ch> [2007.01.11.1855 +0100]:
> Anybody has an idea if and how this is possible? The obvious but
> ugly solution would be to run a second sshd on a different port,
> but I'd rather avoid that.
It'll be possible if and only if SSH differentiates between
authentication and authorisation/session. If it does, you can limit
authentication with PAM via pam_file to one user, knowing that
publickey auth will be handled by sshd. All users, however, need to
be authenticated against the PAM session component.
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <madduck@debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
never trust an operating system
for which you do not have the source.
-- source unknown
Attachment:
signature.asc
Description: Digital signature (GPG/PGP)