- (dtucker) [README.platform] Add PAM section.

2025-02-01 14:41:52 +00:00 · 2005-11-05 16:28:35 +11:00 · 2005-11-05 16:28:35 +11:00 · 3a38c5a856
commit 3a38c5a856
parent 5fd8b02b44
2 changed files with 13 additions and 2 deletions
--- a/3
+++ b/3
@ -102,6 +102,7 @@
     [bufaux.c]
     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
     cs.stanford.edu; ok dtucker@
+ - (dtucker) [README.platform] Add PAM section.

 20051102
 - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
@ -3235,4 +3236,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu

-$Id: ChangeLog,v 1.3952 2005/11/05 05:04:36 djm Exp $
+$Id: ChangeLog,v 1.3953 2005/11/05 05:28:35 dtucker Exp $
--- a/README.platform
+++ b/README.platform
@ -45,4 +45,14 @@ number is already in use on your system, you may change it at build time
 by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding.


-$Id: README.platform,v 1.5 2005/02/20 10:01:49 dtucker Exp $
+Platforms using PAM
+-------------------
+As of OpenSSH 4.3p1, sshd will no longer check /etc/nologin itself when
+PAM is enabled.  To maintain existing behaviour, pam_nologin should be
+added to sshd's session stack which will prevent users from starting shell
+sessions.  Alternatively, pam_nologin can be added to either the auth or
+account stacks which will prevent authentication entirely, but will still
+return the output from pam_nologin to the client.
+
+
+$Id: README.platform,v 1.6 2005/11/05 05:28:35 dtucker Exp $