Re: Openssh 1.2pre17-1 broken?
On 14/12/99 hservoma@wis02.ec.t.kanazawa-u.ac.jp wrote:
This is interesting, where did you read about /etc/pam.d/ssh -> sshd ?
normally a pam service will look for a file with the name name as the
binary, so sshd will load pam.d/sshd, this can be overridden in the
service program by changing the call to PAM_INIT (or someting like
that) the debian maintainer does this himself as he wishes to keep
the pam file called ssh not sshd.
The only way I'm able to get ssh to forward X connections on RH6.1
is to add
sshdfwd-X11: 127.0.0.1 :severity auth.notice : ALLOW
to /etc/hosts.allow
I think this is normal at least i read you had to add sshdfwd-X11
entries for non-free ssh in the man page.
Otherwise pam refuses the connection. I didn't see anything wrong
with /etc/pam.d/ssh
the current version is not using it at all, instead its using
/etc/pam.d/other (on debian anyway, i think redhat just calls the
pam.d file sshd)
Will try hardlinking next ;)
since i already reported this bug once and had it fixed I think i may
just leave a hard link there permanently, thats much better then
being locked out whenever the maintainer forgets that mod on a new
upstream version..
I just need something to put in pam.d/other that is more obvious that
the service is misconfigured then what pam_warn throws in..
(i don't like the idea of unconfigured pam services mostly working
off of the other configuration without my knowing it, that is why i
set it to deny)
Ethan
Reply to: