Re: Why doesn't pam_set_data() work with ssh?

> This module uses pam_set_data() function to save status information for
> next login attempts. With login application it works fine, but with
> ssh application it doesn't work.

"ssh" means OpenSSH, right? Afaik, OpenSSH runs PAM authentication in a
standalone process forked off the master process (monitor). The process is
started before every authentication attempt and exits after it. Any
changes made to PAM data during the first attempt are lost before the
next attempt.

You can use some external (out-of-process) storage to store tokens. Or you
can modify your module to be able to send and receive token during a
single authentication attempt (using keyboard-interactive authentication
method). Or you can hack OpenSSH to preserve PAM state between attempts
(doable but quite tricky imho).


Thanks Pavel. I'm thinking about sqlite to save module status
information, when a user attempts to login through ssh. Do you have any
other idea to save that data?

Regards,

--
Federico

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
