https://bugzilla.mindrot.org/show_bug.cgi?id=2408
Jakub Jelen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #5 from Jakub Jelen <[email protected]> --- This seems to be a reasonable way to communicate authentication details with PAM and missing piece in the troublesome two factor authentication in SSH. I didn't find any problem with this patch. The only thought coming to my mind is possible disclosure of user data to running application(s). I would also consider adding some knob to turn this export off (ExportUserauthEnvironment ?) and turn it off by default. Still, using 2FA is not too common in SSH deployment. -- You are receiving this mail because: You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
