Re: PAM modules

看板FB_security作者時間14年前 (2011/09/20 02:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串19/37 (看更多)
On 9/16/2011 3:10 PM, Corey Smith wrote: > On 09/16/2011 11:05 AM, Dag-Erling Sm鷨grav wrote: >> My question is: which ones? > > security/pam_ssh_agent_auth > > It is BSD licensed and handy for sudo. Neato, I didnt know of this module for sudo! However, with the default install on AMD64, I am getting coredump. I added # auth auth include system - +auth sufficient /usr/local/lib/pam_ssh_agent_auth.so file=/etc/sudokeys debug # account account include system to /usr/local/etc/pam.d/sudo and added --- sudoers.sample 2011-09-19 13:24:56.000000000 -0400 +++ sudoers 2011-09-19 13:29:17.000000000 -0400 @@ -62,6 +62,10 @@ ## Uncomment to enable special input methods. Care should be taken as ## this may allow users to subvert the command being run via sudo. # Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER" + +Defaults env_keep += SSH_AUTH_SOCK + + I must be missing something obvious? ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 mike. 的文章
文章代碼(AID): #1ETugaso (FB_security)
更多 mike. 的文章
文章代碼(AID): #1ETugaso (FB_security)