https://bugzilla.mindrot.org/show_bug.cgi?id=2796
--- Comment #7 from Darren Tucker <[email protected]> --- (In reply to Tomas Mraz from comment #5) > from the sshd either via the conversation function This is problematic for the reason I described above: at the required point in the protocol there's no mechanism to interact with the user, so the conversation function would have to make (possibly unwarranted) assumptions about what each prompt means. > or via some other out of band mechanism. Then it would set > the PAM_AUTHTOK (and maybe also PAM_OLDAUTHTOK). I'd love for sshd be able to set PAM_AUTHTOK and PAM_OLDAUTHTOK via pam_set_item() but by my read of the original RFC the're not exposed to applications and a quick test with LinuxPAM backs this up. (aside: it seems like they don't even exist in the XSSO spec because they're misspelled: http://pubs.opengroup.org/onlinepubs/008329799/pam_set_item.htm#tagcjh_07_18). -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
