Nezaznamenavanie loginov do wtmp.
Jozef Babjak
babjak at hilbert.chtf.stuba.sk
Mon Nov 29 12:23:34 CET 2004
Zdravim,
urobil som pokus: vo WinSCP su 3 rezimy pripojenia: SCP, SFTP (allow SCP
fallback) a SFTP. Prvy rezim hlasku "subsystem requeset for sftp" do
/var/log/auth.log nezapise, zvysne dva ano. Zda sa, ze je to crta, nie
chyba.
> Neviem ako je to aktualne na 4.10, ale pokial je tam SSHD, pouzivajuci
> PAM, problem bude v nom (v PAM).
>
> Takze za predpokladu ze ho pouziva, pochval sa s
>
> cat /etc/pam.d/sshd
^-- Mam len /etc/pam.conf, relevantna cast je:
# OpenSSH with PAM support requires similar modules. The session one is
# a bit strange, though...
sshd auth sufficient pam_skey.so
sshd auth sufficient pam_opie.so
no_fake_prompts
#sshd auth requisite pam_opieaccess.so
#sshd auth sufficient pam_kerberosIV.so
try_first_pass
#sshd auth sufficient pam_krb5.so
try_first_pass
sshd auth required pam_unix.so
try_first_pass
sshd account required pam_unix.so
sshd password required pam_permit.so
sshd session required pam_permit.so
> (pouzitie PAM sa zapina v sshd_config cez "UsePAM yes")
^-- Myslite toto:
# Change to no to disable PAM authentication
#ChallengeResponseAuthentication yes
Nic ine ohladom PAM v sshd_config nemam.
J.
More information about the Users-l
mailing list