openssh/openssh-7.2p2-UsePAM-UseLogin-warning.patch
2016-06-24 12:07:22 +02:00

40 lines
1.3 KiB
Diff

diff --git a/sshd.c b/sshd.c
--- a/sshd.c
+++ b/sshd.c
@@ -1701,6 +1701,14 @@ main(int ac, char **av)
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
&cfg, NULL);
+ /* 'UseLogin yes' is not supported in Fedora */
+ if (options.use_login)
+ logit("WARNING: 'UseLogin yes' is not supported in Fedora and may cause several problems.");
+
+ /* 'UsePAM no' is not supported in Fedora */
+ if (! options.use_pam)
+ logit("WARNING: 'UsePAM no' is not supported in Fedora and may cause several problems.");
+
seed_rng();
/* Fill in default values for those options not explicitly set. */
diff --git a/sshd_config b/sshd_config
--- a/sshd_config
+++ b/sshd_config
@@ -101,6 +101,8 @@ GSSAPICleanupCredentials no
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
+# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
+# problems.
UsePAM yes
#AllowAgentForwarding yes
@@ -113,6 +115,8 @@ X11Forwarding yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
+# WARNING: 'UseLogin yes' is not supported in Fedora and may cause several
+# problems.
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no