[OpenAFS] PAM-AFS isn't working with openssh-3.7.1p1 (sun4x_58)

John Tang Boyland boyland@solomons.cs.uwm.edu
Fri, 26 Sep 2003 13:22:56 -0500

] > I don't think that this is the only problem. I had a look at the ssh
] > sources and made a posting yesterday with a patch. It fixes the problems
] > i found with my combination of pam_krb5 and pam_aklog.
] >
] > What happens is that the authentication thread is executed in a separate
] > thread where only pam_authenticate() is executed. The thread exits and
] > pam_setcred() does not get executed in the same thread. Environment
] > variables do not get stored as they should.
] Then it may be sufficient to just add the "set-token" option to
] pam_afs.so.  That does all the setcred features during authenticate.

I tried adding "set-token" and "set_token" to the sshd auth line in pam.conf
but I still get the same behavior: no pag, no token
(although as I mentioned, it does permit me to log on).

This is with openssh-3.7.1p2 (sun4x_58) (since p1 had PAM errors)
(I did not use the patch bundle as it seemed mainly involved with
passing tokens.)