Enrique de la Torre Gordaliza wrote: > In every client, I have the next entry on pam_ldap.conf [...] > But Ive created a public key pair with ssh-keygen, and I can log in > all the clients ($HOME throw NFS) although my user has no "accessto" > attribute for these hosts.
Is this in the auth phase? As this will be bypassed using public/private key authentication since this is performed by sshd as PAM knows knowing about it. It might be worth experimenting to see whether it works in the account or session PAM phases instead. Ben
