On 16 Dec 2008, at 14:32, Rowley, Mathew wrote: > My question was more - if you have PAM and GSSAPI both enables, > will the ssh client still go through the PAM stack (for > authorization purposes).
Yes it will. Any authorization rules enforced by the account step, any additional credentials gained by the setcred step, and any session initialisation performed by the session step will all occur for GSSAPI authenticated connections. S. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
