Using pam_ssh with gdm
Joe Kelsey
joek at mail.flyingcroc.net
Mon Oct 13 09:35:04 PDT 2003
Alexander Leidinger wrote:
> On Mon, 13 Oct 2003 07:56:21 -0700
> Joe Kelsey <joek at mail.flyingcroc.net> wrote:
>
>
>>I want to use pam_ssh with gdm to "streamline" my login. From reading
>>the pam_ssh man page, it claims that the session module starts ssh-agent
>>and passes any authenticated keys. Keys get authenticated during the
>>"auth" phase.
>>
>>I currently have the following lines in /etc/pam.conf:
>
>
> I use it with xdm (on -current), try this instead:
> ---snip---
> gdm auth sufficient pam_ssh.so no_warn try_first_pass
> gdm auth required pam_unix.so no_warn try_first_pass
>
> gdm account required pam_unix.so
>
> gdm session optional pam_ssh.so
> gdm session required pam_permit.so
> ---snip---
>
> Use your ssh password to login.
Thanks.
That seems to solve the problem of the first attempt always fails, but
it still does not solve the problem of passing my authorized keys to
ssh-agent. The ssh-agent still has no identities loaded and I still
have to run ssh-add separately in order to get the identities in.
I don't know if I really like the idea of using just my ssh pass phrase
and eliminating my UNIX password, but I guess I can recover from 25
years of typing my UNIX password(s) eventually...
/Joe
More information about the freebsd-gnome
mailing list