From owner-freebsd-stable Mon Oct 7 17: 4: 3 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A99337B401 for ; Mon, 7 Oct 2002 17:04:01 -0700 (PDT) Received: from maul.immure.com (maul.immure.com [207.8.42.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id E343D43E6A for ; Mon, 7 Oct 2002 17:03:59 -0700 (PDT) (envelope-from bob@immure.com) Received: (from root@localhost) by maul.immure.com (8.11.5/8.11.2) id g9803x592914 for freebsd-stable@freebsd.org; Mon, 7 Oct 2002 19:03:59 -0500 (CDT) (envelope-from bob@immure.com) Received: from luke.immure.com (luke.vieo.com [10.1.132.3]) by maul.immure.com (8.11.5/8.11.2) with ESMTP id g9803um92706; Mon, 7 Oct 2002 19:03:56 -0500 (CDT) (envelope-from bob@immure.com) Received: (from root@localhost) by luke.immure.com (8.12.5/8.12.3) id g9803tKs057745; Mon, 7 Oct 2002 19:03:55 -0500 (CDT) (envelope-from bob@luke.immure.com) Received: from luke.immure.com (localhost [127.0.0.1]) by luke.immure.com (8.12.5/8.12.3) with ESMTP id g9803ted057720; Mon, 7 Oct 2002 19:03:55 -0500 (CDT) (envelope-from bob@luke.immure.com) Received: (from bob@localhost) by luke.immure.com (8.12.5/8.12.5/Submit) id g9803tKU057719; Mon, 7 Oct 2002 19:03:55 -0500 (CDT) Date: Mon, 7 Oct 2002 19:03:55 -0500 From: Bob Willcox To: Kris Kennaway Cc: Samuel Chow , dmagda@ee.ryerson.ca, Jamie Heckford , freebsd-stable@freebsd.org Subject: Re: sshd_config vs. PAM Message-ID: <20021008000355.GI29829@luke.immure.com> Reply-To: Bob Willcox References: <200209272135.g8RLZ3We005877@arch20m.dellroad.org> <002e01c26873$3d717a50$3264a8c0@BONG> <864rc3f4ks.fsf@number6.magda.ca> <20021005155131.GA8769@luke.immure.com> <01c201c26e54$f00f54c0$9284412f@SAMCHOW2> <20021007232051.GA31301@xor.obsecurity.org> <20021007234248.GH29829@luke.immure.com> <20021007235624.GB32177@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021007235624.GB32177@xor.obsecurity.org> User-Agent: Mutt/1.5.1i X-scanner: scanned by Inflex 1.0.12.3 on luke.immure.com X-scanner: scanned by Inflex 0.1.5c+ on maul.immure.com Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Oct 07, 2002 at 04:56:24PM -0700, Kris Kennaway wrote: > On Mon, Oct 07, 2002 at 06:42:48PM -0500, Bob Willcox wrote: > > On Mon, Oct 07, 2002 at 04:20:51PM -0700, Kris Kennaway wrote: > > > On Mon, Oct 07, 2002 at 04:57:39PM -0600, Samuel Chow wrote: > > > > > > > > > > > > > BTW, is there a way to completely disable PAM on a system? > > > > > > > > I was looking at it a couple months back. There is > > > > the NOPAM compiler flag. Unfortunately, telnet and > > > > ssh does not obey it. I have some untested patch > > > > at home before I got too busy with other non-FreeBSD > > > > things. > > > > > > PAM is considered to be an integral part of the system thesedays; as > > > such there's no support for compiling without it. > > > > Too bad. I find it to be rather painful to understand and configure, and > > overkill for most of uses. > > Well, the point is that the default configuration is supposed to be > exactly equivalent to the old non-PAM behaviour, so you shouldn't have > to touch *anything* unless you want to change this behaviour (which > would have required code changes in the non-PAM case). I have to admit, that recently (last year or so) this seems to be the case. It wasn't always that way, though. As I recall, rlogin didn't work w/o modifying the PAM configuration file for quite some time. I still contend that, for the PAM challenged, the description of the configuration file is a tough read. Bob > > Kris -- Bob Willcox We seem to have forgotten the simple truth that bob@vieo.com reason is never perfect. Only non-sense attains Austin, TX perfection. -- Poul Henningsen [1894-1967] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message