rutwa189 / rpms / openssh

Forked from rpms/openssh a year ago
Clone

Blame SOURCES/openssh-7.8p1-UsePAM-warning.patch

943807
diff -up openssh-8.6p1/sshd.c.log-usepam-no openssh-8.6p1/sshd.c
943807
--- openssh-8.6p1/sshd.c.log-usepam-no	2021-04-19 14:00:45.099735129 +0200
943807
+++ openssh-8.6p1/sshd.c	2021-04-19 14:03:21.140920974 +0200
943807
@@ -1749,6 +1749,10 @@ main(int ac, char **av)
943807
 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
943807
 	    cfg, &includes, NULL);
943807
 
39b801
+	/* 'UsePAM no' is not supported in RHEL */
943807
+	if (! options.use_pam)
39b801
+		logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems.");
943807
+
943807
 #ifdef WITH_OPENSSL
943807
 	if (options.moduli_file != NULL)
943807
 		dh_set_moduli_file(options.moduli_file);
943807
diff -up openssh-8.6p1/sshd_config.log-usepam-no openssh-8.6p1/sshd_config
943807
--- openssh-8.6p1/sshd_config.log-usepam-no	2021-04-19 14:00:45.098735121 +0200
943807
+++ openssh-8.6p1/sshd_config	2021-04-19 14:00:45.099735129 +0200
943807
@@ -87,6 +87,8 @@ AuthorizedKeysFile	.ssh/authorized_keys
943807
 # If you just want the PAM account and session checks to run without
943807
 # PAM authentication, then enable this but set PasswordAuthentication
5dbb6f
 # and KbdInteractiveAuthentication to 'no'.
39b801
+# WARNING: 'UsePAM no' is not supported in RHEL and may cause several
943807
+# problems.
943807
 #UsePAM no
943807
 
943807
 #AllowAgentForwarding yes