--On Friday, November 16, 2007 08:10:30 PM + Simon Wilkinson
<[EMAIL PROTECTED]> wrote:
I talked about this at the last AFS BPW. Basically, OpenSSH normally
performs the PAM auth step from a process that doesn't own the eventual
shell (in fact, the process is spawned specifically to perform
On Nov 16, 2007, at 6:27 PM, Simon Wilkinson wrote:
On 16 Nov 2007, at 23:12, Russ Allbery wrote:
pam_afs creates a PAG and a token in a subprocess of ssh that is
discarded
after authentication. If this works on Solaris, I don't know how.
SunSSH doesn't use the same mechanism for inte
On 16 Nov 2007, at 23:12, Russ Allbery wrote:
pam_afs creates a PAG and a token in a subprocess of ssh that is
discarded
after authentication. If this works on Solaris, I don't know how.
SunSSH doesn't use the same mechanism for intertwining the PAM and
SSH event loops that OpenSSH use
Matthew Kolb <[EMAIL PROTECTED]> writes:
> On Nov 16, 2007, at 2:44 PM, Russ Allbery wrote:
>> pam_afs doen't work properly with ssh because it tries to do all of its
>> work in the auth stack instead of using the session stack to set up
>> tokens.
> Can you clarify this Russ? I am using pam wit
On 16 Nov 2007, at 19:44, Russ Allbery wrote:
pam_afs doen't work properly with ssh because it tries to do all of
its
work in the auth stack instead of using the session stack to set up
tokens.
I talked about this at the last AFS BPW. Basically, OpenSSH normally
performs the PAM auth step
On Nov 16, 2007, at 2:44 PM, Russ Allbery wrote:
Atro Tossavainen <[EMAIL PROTECTED]> writes:
One final point remains, though. I can log in using AFS passwords,
but
am not getting a token. The distribution includes OpenSSH 4.3p2, and
whether set_token is included or not doesn't seem to ma
Atro Tossavainen <[EMAIL PROTECTED]> writes:
> One final point remains, though. I can log in using AFS passwords, but
> am not getting a token. The distribution includes OpenSSH 4.3p2, and
> whether set_token is included or not doesn't seem to matter.
> Here is the /etc/pam.d/system-auth:
> au
> pam_afs doen't work properly with ssh because it tries to do all of its
> work in the auth stack instead of using the session stack to set up
> tokens.
RHEL4 systems using OpenSSH 3.9p1 have no such problem...?
--
Atro Tossavainen (Mr.) / The Institute of Biotechnology at
Systems
As readers may remember, I've just updated a PowerPC machine to the
newest version of Yellow Dog Linux and was having a bit of a hard
time with AFS.
Now everything seems to be working.
One final point remains, though. I can log in using AFS passwords,
but am not getting a token. The distributio
