LINUX.ORG.RU

История изменений

Исправление tiandrey, (текущая версия) :

Рабочая там ссылка. Тебе нужно выключить аутентификацию по ключу. Если не поможет, то UseLogin должен решить проблему.

== sshd — various ==

The «UsePAM» configuration option is required to be enabled to make sshd go through the PAM stacks.

When «PrivilegeSeparation» is enabled in OpenSSH versions before 4.9, ssh will not run correctly through the PAM stacks. In 4.9 and later, this is fixed.

When public key authentication is used, the PAM auth stage is entirely skipped. The same goes for Challenge Response Authentication.

So pam_mount would normally ask for a password in the session stage, but in any OpenSSH to date, PAM modules do not seem to be able to ask for a password in the session stage, «conversation» always fails: https://bugzilla.mindrot.org/show_bug.cgi?id=926#c35 https://bugzilla.mindrot.org/show_bug.cgi?id=688

«UseLogin yes» may be used to enable pam_mount — irrespective of public key authentification, privilege separation or UsePAM=no. sshd itself will not do anything useful w.r.t. pam_mount, but it will call /bin/login which will then run through the PAM session stage, where pam_mount can ask your for a password. Read the sshd documentation about possible pitfalls involved using UseLogin.

Исходная версия tiandrey, :

Рабочая там ссылка. Тебе нужно выключить аутентификацию по ключу.

== sshd — various ==

The «UsePAM» configuration option is required to be enabled to make sshd go through the PAM stacks.

When «PrivilegeSeparation» is enabled in OpenSSH versions before 4.9, ssh will not run correctly through the PAM stacks. In 4.9 and later, this is fixed.

When public key authentication is used, the PAM auth stage is entirely skipped. The same goes for Challenge Response Authentication.

So pam_mount would normally ask for a password in the session stage, but in any OpenSSH to date, PAM modules do not seem to be able to ask for a password in the session stage, «conversation» always fails: https://bugzilla.mindrot.org/show_bug.cgi?id=926#c35 https://bugzilla.mindrot.org/show_bug.cgi?id=688

«UseLogin yes» may be used to enable pam_mount — irrespective of public key authentification, privilege separation or UsePAM=no. sshd itself will not do anything useful w.r.t. pam_mount, but it will call /bin/login which will then run through the PAM session stage, where pam_mount can ask your for a password. Read the sshd documentation about possible pitfalls involved using UseLogin.