[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] SSH version 2.5.1
- Subject: Re: [cobalt-security] SSH version 2.5.1
- From: Harald Kapper <hk@xxxxxxxxxx>
- Date: Wed, 28 Feb 2001 04:41:06 +0100
- Organization: kapper.net, Inc.
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
hi,
from the openssh-2.5.1p1 install-file:
on pam-enabled systems (if you want to use pam) you have to do a ./configure --with-pam
and you have to put a file with content into /etc/pam.d/sshd
content taken from the contrib-folder of openssh:
#%PAM-1.0
auth required /lib/security/pam_unix.so shadow nodelay
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_unix.so
session required /lib/security/pam_limits.so
hth,
hk / kapper.net
ps. basically as raq's use shadow-passwords, it should also work fine to configure and
compile without pam, anyway, your login-rights are then only restricted by the shadowpwds.
pps. had to install openssl-0.9.6 before I could setup latest openssh on a newly setup raq4.
On Mon, 26 Feb 2001 15:01:40 +0100, "Przemyslaw Frak" <przemo@xxxxxxxxxxxxxxxx> wrote to <cobalt-security@xxxxxxxxxxxxxxx>:
>Wrong pam version.
>Try to intsall 2.3.0 p1 :)
>It is bug free too :)
>Przemo