[OpenAFS] Re: openssh-3.7.1, pam and no token after login
John Koyle
jkoyle@rfpdepot.com
Tue, 16 Dec 2003 16:34:28 -0700
I'm not sure if this will help or not, but from the v3.7.1p2 man page:
UsePAM Enables PAM authentication (via challenge-response)
and session set up. If you enable this, you should
probably disable PasswordAuthentication. If you
enable then you will not be able to run sshd as a
non-root user.
So I'd also try setting
PasswordAuthentication no
in the config as well.
HTH,
John
On Tue, 2003-12-16 at 16:13, Hendrik Hoeth wrote:
> That's a hint. With UsePAM yes in my sshd_config I'm asked for my
> password and then for the AFS password. If I enter both, I get a token.
> So what happens now with the try_first_pass option of the afs pam
> module? Is it ignored? Or is the password not passed to the afs pam
> module the first time?
>
> Hendrik
>
> Thus spake John Koyle (jkoyle@rfpdepot.com):
>
> > IIRC, the default settings for OpenSSH changed with version 3.7.1.
> > Have you checked to see if
> >
> > UsePAM yes
> >
> > is configured in your sshd_config file? If not, try setting that and
> > restarting sshd.