Nezaznamenavanie loginov do wtmp.

Jozef Babjak babjak at hilbert.chtf.stuba.sk
Mon Nov 29 12:23:34 CET 2004


Zdravim, 

urobil som pokus: vo WinSCP su 3 rezimy pripojenia: SCP, SFTP (allow SCP 
fallback) a SFTP. Prvy rezim hlasku "subsystem requeset for sftp" do 
/var/log/auth.log nezapise, zvysne dva ano. Zda sa, ze je to crta, nie 
chyba. 

> Neviem ako je to aktualne na 4.10, ale pokial je tam SSHD, pouzivajuci
> PAM, problem bude v nom (v PAM).
> 
> Takze za predpokladu ze ho pouziva, pochval sa s
> 
> cat /etc/pam.d/sshd

  ^-- Mam len /etc/pam.conf, relevantna cast je: 

# OpenSSH with PAM support requires similar modules.  The session one is
# a bit strange, though...
sshd    auth    sufficient      pam_skey.so
sshd    auth    sufficient      pam_opie.so                     
no_fake_prompts
#sshd   auth    requisite       pam_opieaccess.so
#sshd   auth    sufficient      pam_kerberosIV.so               
try_first_pass
#sshd   auth    sufficient      pam_krb5.so                     
try_first_pass
sshd    auth    required        pam_unix.so                     
try_first_pass
sshd    account required        pam_unix.so
sshd    password required       pam_permit.so
sshd    session required        pam_permit.so


> (pouzitie PAM sa zapina v sshd_config cez "UsePAM yes")
 
  ^-- Myslite toto:

# Change to no to disable PAM authentication
#ChallengeResponseAuthentication yes

Nic ine ohladom PAM v sshd_config nemam. 

J. 




More information about the Users-l mailing list