-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FR: ensure that pam_mkhomedir works when used via Tailscale SSH #11854
Comments
This works on more recent versions of Linux and has the benefit of allow PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allow PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allow PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allow PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allow PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This works on more recent versions of Linux and has the benefit of allowing PAM login actions to run. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Adds basic integration tests for beIncubator that run on - MacOS - Ubuntu - Fedora Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Adds basic integration tests for beIncubator that run on - MacOS - Ubuntu - Fedora Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Adds basic integration tests for beIncubator that run on - MacOS - Ubuntu - Fedora Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Adds basic integration tests for beIncubator that can run on: - MacOS - Ubuntu - Fedora Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Adds basic integration tests for beIncubator that can run on: - MacOS - Ubuntu - Fedora Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Note - this does not apply to SFTP, only shells and remotely executed commands. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This overlaps somewhat with #9395. |
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Note - this does not apply to SFTP, only shells and remotely executed commands. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Note - this does not apply to SFTP, only shells and remotely executed commands. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
FYI some of these changes appear to have removed some workarounds for Tailscale SSH on SELinux and it no longer works on a Fedora 40 host: #12442 |
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates tailscale#11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Is there a way to try out the new I am hopeful this will solve some of the issues related to environment differences between OpenSSH and Tailscale SSH. We're trying to get
There is already |
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
@process I've opened a PR to allow enabling the new behavior via node attribute. I'll let you know once it's available on unstable. |
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
This allows pam authentication to run for ssh sessions, triggering automation like pam_mkhomedir. Updates tailscale#11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
Introduces ssh-behavior-v2 node attribute to override ssh-behavior-v1. Updates #11854 Signed-off-by: Percy Wegmann <percy@tailscale.com>
What are you trying to do?
Connect to a Linux server from a VSCode client using Tailscale SSH. The Linux server has pam_mkhomedir configured and should automatically create the user's homedir with the start of the ssh session.
How should we solve this?
No response
What is the impact of not solving this?
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: