2017-06-02 8:15 GMT+02:00 Stef Bon <stefbon@xxxxxxxxx>: > > This will work, but is very constructed. might there be another easier way? Hi, I'm thinking about using pam for this purpose. My fileserver watches a file with fanotify, getting the pid of the process which wants to open and write to a file, for example /run/ssh-remote-access The sshd process uses a pammodule (pam_bfileserver for example in the session phase of pam) which writes information like: %PID%:%PAM_RHOST%:%PAM_RUSER% to this file. While it is busy doing so, other processes are blocked to write to it. When this data is written, bfileserver reads these values, compares with the pid fanotify reported, and if they match, bfileserver "knows" the remote address. bfileserver clears the file, and allows access to it by other processes. The pammodule should proceed if file not found. Stef _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev