When OpenSSH is built with PAM support, on getting an authentication request the OpenSSH daemon will invoke PAM functions, as instructed in the /etc/pam.d/sshd file. At what point(s) before the authentication stage is concluded does the daemon invoke such functions? What are the criteria that have been adopted to select when to start interacting with PAM? I am pretty sure that, for example, the validity of the username is tested before PAM gets at all involved, right? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
