Blame openssh-7.8p1-UsePAM-warning.patch
|
Dmitry Belyavskiy |
9dff9c |
diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c
|
|
Dmitry Belyavskiy |
9dff9c |
--- openssh-8.6p1/sshd.c.log-usepam-no 2021-04-19 14:00:45.099735129 +0200
|
|
Dmitry Belyavskiy |
9dff9c |
+++ openssh-8.6p1/sshd.c 2021-04-19 14:03:21.140920974 +0200
|
|
Dmitry Belyavskiy |
9dff9c |
@@ -1749,6 +1749,10 @@ main(int ac, char **av)
|
|
Petr Šabata |
81d24c |
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
|
|
Petr Šabata |
81d24c |
cfg, &includes, NULL);
|
|
Petr Šabata |
81d24c |
|
|
Zoltan Fridrich |
1325e1 |
+ /* 'UsePAM no' is not supported in RHEL */
|
|
Petr Šabata |
81d24c |
+ if (! options.use_pam)
|
|
Zoltan Fridrich |
1325e1 |
+ logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems.");
|
|
Petr Šabata |
81d24c |
+
|
|
Dmitry Belyavskiy |
9dff9c |
#ifdef WITH_OPENSSL
|
|
Dmitry Belyavskiy |
9dff9c |
if (options.moduli_file != NULL)
|
|
Dmitry Belyavskiy |
9dff9c |
dh_set_moduli_file(options.moduli_file);
|
|
Dmitry Belyavskiy |
9dff9c |
diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config
|
|
Dmitry Belyavskiy |
9dff9c |
--- openssh-8.6p1/sshd_config.log-usepam-no 2021-04-19 14:00:45.098735121 +0200
|
|
Dmitry Belyavskiy |
9dff9c |
+++ openssh-8.6p1/sshd_config 2021-04-19 14:00:45.099735129 +0200
|
|
Dmitry Belyavskiy |
9dff9c |
@@ -87,6 +87,8 @@ AuthorizedKeysFile .ssh/authorized_keys
|
|
Petr Šabata |
81d24c |
# If you just want the PAM account and session checks to run without
|
|
Petr Šabata |
81d24c |
# PAM authentication, then enable this but set PasswordAuthentication
|
|
Dmitry Belyavskiy |
f9e5de |
# and KbdInteractiveAuthentication to 'no'.
|
|
Zoltan Fridrich |
1325e1 |
+# WARNING: 'UsePAM no' is not supported in RHEL and may cause several
|
|
Petr Šabata |
81d24c |
+# problems.
|
|
Petr Šabata |
81d24c |
#UsePAM no
|
|
Petr Šabata |
81d24c |
|
|
Petr Šabata |
81d24c |
#AllowAgentForwarding yes
|