Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: pam_get_data / pam_set_data does not work if used if sshd

From: Darren Tucker (dtuckerzip.com.au)
Date: Sat Apr 23 2005 - 01:48:12 CDT

Kala B wrote:
> I have a PAM module which I use with /etc/pam.d/sshd. I do a
> pam_set_data() in the auth stack and do a pam_get_data() in the
> open_session call. But pam_get_data() returns "No module specific data
> is present". The same module when used with say, /etc/pam.d/login
> works fine. I checked that the pamhandle is the same. So, ideally it
> should contain the data.
> Is this problem specific to sshd or PAM?

A bit of both. PAM's API forces sshd to do contortions to support the
keyboard-interactive auth type, and this is part of the fallout. See:

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Pam-list mailing list