[OpenAFS-devel] AFS and SSH once again
Simon Wilkinson
sxw@inf.ed.ac.uk
Fri, 16 Nov 2007 23:27:58 +0000
On 16 Nov 2007, at 23:12, Russ Allbery wrote:
>
> pam_afs creates a PAG and a token in a subprocess of ssh that is
> discarded
> after authentication. If this works on Solaris, I don't know how.
SunSSH doesn't use the same mechanism for intertwining the PAM and
SSH event loops that OpenSSH uses. In particular, I believe that
SunSSH preserves the behaviour that the authentication stack is
executed by a process that is an ancestor of the child shell.
S.