rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
Dmitry Belyavskiy 9dff9c
diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c
Dmitry Belyavskiy 9dff9c
--- openssh-8.6p1/sshd.c.log-usepam-no	2021-04-19 14:00:45.099735129 +0200
Dmitry Belyavskiy 9dff9c
+++ openssh-8.6p1/sshd.c	2021-04-19 14:03:21.140920974 +0200
Dmitry Belyavskiy 9dff9c
@@ -1749,6 +1749,10 @@ main(int ac, char **av)
Petr Šabata 81d24c
 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
Petr Šabata 81d24c
 	    cfg, &includes, NULL);
Petr Šabata 81d24c
 
Zoltan Fridrich 1325e1
+	/* 'UsePAM no' is not supported in RHEL */
Petr Šabata 81d24c
+	if (! options.use_pam)
Zoltan Fridrich 1325e1
+		logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems.");
Petr Šabata 81d24c
+
Dmitry Belyavskiy 9dff9c
 #ifdef WITH_OPENSSL
Dmitry Belyavskiy 9dff9c
 	if (options.moduli_file != NULL)
Dmitry Belyavskiy 9dff9c
 		dh_set_moduli_file(options.moduli_file);
Dmitry Belyavskiy 9dff9c
diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config
Dmitry Belyavskiy 9dff9c
--- openssh-8.6p1/sshd_config.log-usepam-no	2021-04-19 14:00:45.098735121 +0200
Dmitry Belyavskiy 9dff9c
+++ openssh-8.6p1/sshd_config	2021-04-19 14:00:45.099735129 +0200
Dmitry Belyavskiy 9dff9c
@@ -87,6 +87,8 @@ AuthorizedKeysFile	.ssh/authorized_keys
Petr Šabata 81d24c
 # If you just want the PAM account and session checks to run without
Petr Šabata 81d24c
 # PAM authentication, then enable this but set PasswordAuthentication
Dmitry Belyavskiy f9e5de
 # and KbdInteractiveAuthentication to 'no'.
Zoltan Fridrich 1325e1
+# WARNING: 'UsePAM no' is not supported in RHEL and may cause several
Petr Šabata 81d24c
+# problems.
Petr Šabata 81d24c
 #UsePAM no
Petr Šabata 81d24c
 
Petr Šabata 81d24c
 #AllowAgentForwarding yes