Nico Kadel-Garcia <nkadel@xxxxxxxxx> writes: > Dag-Erling Smørgrav <des@xxxxxx> writes: > > It is relatively trivial to write a PAM module to do that. > Which will have the relevant configuration overwritten and disabled > the next time you run "authconfig" on Red Hat based sysems. I'm not > sure if this occurs with other systems, but tuning PAM is like tuning > SELinux: it's a lot of extra work with little return-on-investment, > and in this case for a change that will irritate *every single user* > and break a number of API's. I can't recommend this approach. It won't break any APIs, and have you considered that OP might not have a choice? That this may be a legal requirement? DES -- Dag-Erling Smørgrav - des@xxxxxx _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev