From ca7f6f719ad5f168b25165caaff658f21c784c4e Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 10 Feb 2014 03:08:45 +0000 Subject: Add the pam_keyinit session module, to create a new session keyring on login (closes: #734816). --- debian/changelog | 2 ++ debian/openssh-server.sshd.pam | 3 +++ 2 files changed, 5 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 38869d995..1b0e27201 100644 --- a/debian/changelog +++ b/debian/changelog @@ -18,6 +18,8 @@ openssh (1:6.5p1-1) UNRELEASED; urgency=medium reasoning. * Add OpenPGP signature checking configuration to watch file (thanks, Daniel Kahn Gillmor; closes: #732441). + * Add the pam_keyinit session module, to create a new session keyring on + login (closes: #734816). -- Colin Watson Sun, 09 Feb 2014 15:52:14 +0000 diff --git a/debian/openssh-server.sshd.pam b/debian/openssh-server.sshd.pam index 5f7ab2f60..7978b0c64 100644 --- a/debian/openssh-server.sshd.pam +++ b/debian/openssh-server.sshd.pam @@ -21,6 +21,9 @@ session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_ # Set the loginuid process attribute. session required pam_loginuid.so +# Create a new session keyring. +session optional pam_keyinit.so force revoke + # Standard Un*x session setup and teardown. @include common-session -- cgit v1.2.3