FS#2558 : sshd and pam

FS#2558 - sshd and pam

Attached to Project: Arch Linux
Opened by Łukasz Fibinger (lucke) - Wednesday, 13 April 2005, 07:21 GMT

Task Type	Feature Request
Category	Packages: Current
Status	Closed
Assigned To	No-one
Architecture	not specified
Severity	Medium
Priority	Normal
Reported Version	0.7 Wombat
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

http://bbs.archlinux.org/viewtopic.php?p=81404

In default, sshd (openssh) has no pam support enabled in config file, therefore it doesn't respect limits set in limits.conf file, making the box vulnerable to forkbombs (remote users can bomb the box even with sane limits set). Thus, I suggest sedding the sshd_config file while the build process, setting UsePam to Yes (and probably ChallengeResponseAuthentication to No as well, to make sshd use only account and sessions pam modules) in order to enable pam.

This task depends upon

Closed by Judd Vinet (judd)
Monday, 02 May 2005, 03:14 GMT
Reason for closing: Implemented
Additional comments about closing: Added for next build

Comment by eliott (cactus) - Sunday, 17 April 2005, 04:58 GMT

I second.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#2558 - sshd and pam

Details

Loading...