- (djm) Disable PAM kbd-int auth if privsep is turned on (it doesn't work)

author: Damien Miller <djm@mindrot.org> 2002-05-09 15:59:13 +1000
committer: Damien Miller <djm@mindrot.org> 2002-05-09 15:59:13 +1000
commit: ffc868ff836100ad41fe18a0e48e2705a211c417 (patch)
tree: db88d0dfd5de5868f367e36a126a9d40461992b8
parent: 0502a471e02b1b6e8ec5b0134766b28694b760a8 (diff)
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index d71072f3f..48ef2d2e3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20020508
+ - (djm) Disable PAM kbd-int auth if privsep is turned on (it doesn't work)
 20020507
 - (tim) [openbsd-compat/bsd-arc4random.c] fix logic on when seed_rng() is
   called. Report by Chris Maxwell <maxwell@cs.dal.ca>
@@ -544,4 +547,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2098 2002/05/08 23:04:14 tim Exp $
+$Id: ChangeLog,v 1.2099 2002/05/09 05:59:13 djm Exp $
diff --git a/auth2.c b/auth2.c
index 4c18d232d..61fd0a738 100644
--- a/auth2.c
+++ b/auth2.c
@@ -121,6 +121,8 @@ do_authentication2(void)
                options.kbd_interactive_authentication = 1;
        if (options.pam_authentication_via_kbd_int)
                options.kbd_interactive_authentication = 1;
+        if (use_privsep)
+                options.pam_authentication_via_kbd_int = 0;
        dispatch_init(&dispatch_protocol_error);
        dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
author	Damien Miller <djm@mindrot.org>	2002-05-09 15:59:13 +1000
committer	Damien Miller <djm@mindrot.org>	2002-05-09 15:59:13 +1000
commit	ffc868ff836100ad41fe18a0e48e2705a211c417 (patch)
tree	db88d0dfd5de5868f367e36a126a9d40461992b8
parent	0502a471e02b1b6e8ec5b0134766b28694b760a8 (diff)