Carson Gaspar <[EMAIL PROTECTED]> writes: > Almost certainly - PAM fixes abound in recent openssh versions. Things > to try:
> - Turn off PrivSep (most likely to fix your problem) > - Test the newly released 4.4p1 Note that privilege separation is fine provided that the PAG is created in your session module. The problem comes with PAM modules that create the PAG during authentication (such as the K4 PAM module that comes with OpenAFS), which really isn't correct given the semantics of PAM anyway. OpenSSH will run the session module at the right place for PAG semantics to work properly. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
