Hi, I am running Ubuntu. I am writing an executable that pam_exec will call in "session" mode. It will respond to session open/close events. It is almost completely working. This morning I was testing it using "su" and it was doing what i expected. I then started ssh-ing to the machine. That's when things became puzzling. if I "su" while on the machine the PAM_TTY environment variable is indeed a TTY string and is unique to the "session". However, if I treat "ssh" like "su" and try to ssh to a different user on the same machine, ex: $ ssh otherUser@xxxxxxxxxxxxxxxx then the PAM_TTY variable just shows "ssh". If I were logged in multiple times then all would appear to be on the same "line", so to speak. This does make sense I suppose. The "su" continues to use the tty of the caller. The "ssh" will eventually have a new tty. I am calling my PAM_EXEC's program very late in the session stack so I assumed that a tty would be available. Since the tty is not available, is there a unique session identifier that I can use? I have not seen mention of one. Seven _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list