bmh10 / rpms / openssh

Forked from rpms/openssh 2 days ago
Clone

Blame SOURCES/openssh-7.8p1-UsePAM-warning.patch

f5835d
diff --git a/sshd.c b/sshd.c
f5835d
--- a/sshd.c
f5835d
+++ b/sshd.c
f5835d
@@ -1701,6 +1701,10 @@ main(int ac, char **av)
f5835d
 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
f5835d
 	    cfg, NULL);
f5835d
 
3a2fd7
+	/* 'UsePAM no' is not supported in RHEL */
f5835d
+	if (! options.use_pam)
3a2fd7
+		logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems.");
f5835d
+
f5835d
 	/* Fill in default values for those options not explicitly set. */
4369a3
 	fill_default_server_options(&options);
4369a3
 
f5835d
diff --git a/sshd_config b/sshd_config
f5835d
--- a/sshd_config
f5835d
+++ b/sshd_config
f5835d
@@ -101,6 +101,8 @@ GSSAPICleanupCredentials no
f5835d
 # If you just want the PAM account and session checks to run without
f5835d
 # PAM authentication, then enable this but set PasswordAuthentication
f5835d
 # and ChallengeResponseAuthentication to 'no'.
3a2fd7
+# WARNING: 'UsePAM no' is not supported in RHEL and may cause several
f5835d
+# problems.
f5835d
 UsePAM yes
f5835d
 
f5835d
 #AllowAgentForwarding yes