jonathancammack / rpms / openssh

Forked from rpms/openssh 8 months ago
Clone

Blame SOURCES/openssh-7.8p1-UsePAM-warning.patch

aedd00
diff --git a/sshd.c b/sshd.c
aedd00
--- a/sshd.c
aedd00
+++ b/sshd.c
aedd00
@@ -1701,6 +1701,10 @@ main(int ac, char **av)
aedd00
 	parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
aedd00
 	    cfg, NULL);
aedd00
 
6c1f4d
+	/* 'UsePAM no' is not supported in RHEL */
aedd00
+	if (! options.use_pam)
6c1f4d
+		logit("WARNING: 'UsePAM no' is not supported in RHEL and may cause several problems.");
aedd00
+
aedd00
 	/* Fill in default values for those options not explicitly set. */
aedd00
 	fill_default_server_options(&options);
aedd00
 
aedd00
diff --git a/sshd_config b/sshd_config
aedd00
--- a/sshd_config
aedd00
+++ b/sshd_config
aedd00
@@ -101,6 +101,8 @@ GSSAPICleanupCredentials no
aedd00
 # If you just want the PAM account and session checks to run without
aedd00
 # PAM authentication, then enable this but set PasswordAuthentication
aedd00
 # and ChallengeResponseAuthentication to 'no'.
6c1f4d
+# WARNING: 'UsePAM no' is not supported in RHEL and may cause several
aedd00
+# problems.
aedd00
 UsePAM yes
aedd00
 
aedd00
 #AllowAgentForwarding yes