| diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c |
| |
| |
| @@ -1749,6 +1749,10 @@ main(int ac, char **av) |
| parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name, |
| cfg, &includes, NULL); |
| |
| + /* 'UsePAM no' is not supported in RHEL */ |
| + if (! options.use_pam) |
| + logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems."); |
| + |
| #ifdef WITH_OPENSSL |
| if (options.moduli_file != NULL) |
| dh_set_moduli_file(options.moduli_file); |
| diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config |
| |
| |
| @@ -87,6 +87,8 @@ AuthorizedKeysFile .ssh/authorized_keys |
| # If you just want the PAM account and session checks to run without |
| # PAM authentication, then enable this but set PasswordAuthentication |
| # and KbdInteractiveAuthentication to 'no'. |
| +# WARNING: 'UsePAM no' is not supported in RHEL and may cause several |
| +# problems. |
| #UsePAM no |
| |
| #AllowAgentForwarding yes |