On Fri, 12 Jan 2007, fender wrote: > This module uses pam_set_data() function to save satus information for > next login attempts. With login application it works fine, but with > ssh application it doesn't work. "ssh" means OpenSSH, right? Afaik, OpenSSH runs PAM authentication in a standalone process forked off the master process (monitor). The process is started before every authentication attempt and exits after it. Any changes made to PAM data during the first attempt are lost before the next attempt. You can use some external (out-of-process) storage to store tokens. Or you can modify your module to be able to send and receive token during a single authentication attempt (using keyboard-interactive authetication method). Or you can hack OpenSSH to preserve PAM state between attemps (doable but quite tricky imho). --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation." _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
