From 4330e6af2b04d245b43b2a6f22983f5685d156c4 Mon Sep 17 00:00:00 2001 From: "Jan F. Chadima" Date: Wed, 16 Sep 2009 08:12:30 +0000 Subject: [PATCH] Changed pam stack to password-auth --- openssh.spec | 5 ++++- sshd.pam | 8 ++++---- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/openssh.spec b/openssh.spec index 542fdf7..1ad25af 100644 --- a/openssh.spec +++ b/openssh.spec @@ -63,7 +63,7 @@ Summary: An open source implementation of SSH protocol versions 1 and 2 Name: openssh Version: 5.2p1 -Release: 25%{?dist}%{?rescue_rel} +Release: 26%{?dist}%{?rescue_rel} URL: http://www.openssh.com/portable.html #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz #Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc @@ -466,6 +466,9 @@ fi %endif %changelog +* Wed Sep 16 2009 Jan F. Chadima - 5.2p1-26 +- Changed pam stack to password-auth + * Fri Sep 11 2009 Jan F. Chadima - 5.2p1-25 - Dropped homechroot patch diff --git a/sshd.pam b/sshd.pam index dcfa756..bf775a3 100644 --- a/sshd.pam +++ b/sshd.pam @@ -1,13 +1,13 @@ #%PAM-1.0 auth required pam_sepermit.so -auth include system-auth +auth include password-auth account required pam_nologin.so -account include system-auth -password include system-auth +account include password-auth +password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke -session include system-auth +session include password-auth