openssh/openssh-7.6p1-enable_PAM_by_default.patch

29 lines
1.0 KiB
Diff
Raw Normal View History

2017-11-06 15:50:53 +01:00
# HG changeset patch
# Parent d47e806f23ad0649ef38b24e8cb9d5617e5d5d15
# force PAM in defaullt install (this was removed from upstream in 3.8p1)
# bnc#46749
# --used to be called '-pam-fix2'
diff --git a/openssh-7.6p1/sshd_config b/openssh-7.6p1/sshd_config
--- a/openssh-7.6p1/sshd_config
+++ b/openssh-7.6p1/sshd_config
@@ -75,17 +75,17 @@ AuthorizedKeysFile .ssh/authorized_keys
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
-#UsePAM no
+UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes