Hi Damien, On 05/25/2018 02:37 AM, Damien Miller wrote: > I think it's probably okay to allow the PTY in restricted sessions > generally. > > The global PermitTTY option as well as any authorized_keys options will > still apply. > > Does this solve your problem? > > diff --git a/auth.c b/auth.c > index 63366768..4fc95457 100644 > --- a/auth.c > +++ b/auth.c > @@ -1080,6 +1080,7 @@ auth_restrict_session(struct ssh *ssh) > > /* A blank sshauthopt defaults to permitting nothing */ > restricted = sshauthopt_new(); > + restricted->permit_pty_flag = 1; > restricted->restricted = 1; > > if (auth_activate_options(ssh, restricted) != 0) Yes, this does also work and it looks way better than my hack :) Thanks, Daniel _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev