Thomas Fazekas
unread,Apr 15, 2021, 8:54:57 AM4/15/21You do not have permission to delete messages in this group
Sign in to report message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to
Dears,
the other day I wanted to setup an sftp service that I want to keep it separate from the standard ssh service (with in my case is the one provided by Ubuntu 20.04)
Accordingly I've recompiled the OpenSSH sources with : "./configure --prefix=/opt/openssh-8.5p1 --with-pam --with-pam-service=sshcd"
"sshcd" - in my case representing SSH Custom Daemon.
Now, the authentication is suppose to happen via LDAP so on purpose I did NOT provide any sshcd.conf file in /etc/pam.d/ folder, expecting that, at least in the beginning, I will not be able to log in to my shiny new ssh daemon.
To my surprise username/password authentication works, and what's even more puzzling is that if I look in the log I can even see using pam modules :
...
[Apr 15 14:50:14][vm-1][authpriv][sshcd[2191]:][info] pam_unix(sshcd:session): session opened for user test1 by (uid=0)
...
there are more pam related logs so clearly my service is using some pam modules without me providing any configuration.
Again, there is no /etc/pam.d/sshcd.conf
Is there an explanation for this ?
Right now I'm worried about what else works without me wanting it to work ;)