On 07.10.2008 14:26, Tomas Mraz wrote:
On Tue, 2008-10-07 at 20:55 +1100, Darren Tucker wrote:
Thorsten Kukuk wrote:
On Mon, Oct 06, Max Bowsher wrote:
I know about the special behaviour of "!" in a password field when SSH
is managing authentication itself. My point is that this special
behavior does NOT exist any more when SSH is authenticating via PAM -
but I want it to!
...
Agreed, when sshd is configured to use PAM it delegates such things
to
it (as far as possible, anyway) so PAM is the right place to do this.
Personally I think pam_unix should do this check in the account stack
(there's also special-case handling of the *NP* string, for example)
but
that's probably a matter of taste.
I agree that pam_unix should be modified to do this check in the account
phase. I'll write a patch later.
Please don't make that behaviour compulsory, that will break many installations.
It would be nice if it were controlled with some command line parameter of the
module.
--
Sincerely Your, Dan.
_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list