[OpenAFS] PAM-AFS isn't working with openssh-3.7.1p1 (sun4x_58)
John Tang Boyland
boyland@solomons.cs.uwm.edu
Fri, 26 Sep 2003 13:22:56 -0500
] > I don't think that this is the only problem. I had a look at the ssh
] > sources and made a posting yesterday with a patch. It fixes the problems
] > i found with my combination of pam_krb5 and pam_aklog.
] >
] > What happens is that the authentication thread is executed in a separate
] > thread where only pam_authenticate() is executed. The thread exits and
] > pam_setcred() does not get executed in the same thread. Environment
] > variables do not get stored as they should.
]
] Then it may be sufficient to just add the "set-token" option to
] pam_afs.so. That does all the setcred features during authenticate.
I tried adding "set-token" and "set_token" to the sshd auth line in pam.conf
but I still get the same behavior: no pag, no token
(although as I mentioned, it does permit me to log on).
This is with openssh-3.7.1p2 (sun4x_58) (since p1 had PAM errors)
(I did not use the patch bundle as it seemed mainly involved with
passing tokens.)
John