Permalink
Browse files

Remove pam.d/sshd, doesn't work properly, user will need to use

"pefs addkey <dir>" when ssh'ing into an encrypted homedir
  • Loading branch information...
1 parent ca660df commit f6519e3fb08fb130a8d009cee103b997a18fdb48 @kmoore134 kmoore134 committed Oct 2, 2013
@@ -148,7 +148,6 @@ share/pcbsd/conf/prune-port-files
share/pcbsd/conf/desktop-excludes
share/pcbsd/conf/server-excludes
share/pcbsd/pefs/other
-share/pcbsd/pefs/sshd
share/pcbsd/pefs/system
share/pcbsd/distfiles/desktop-overlay.txz
share/pcbsd/distfiles/port-overlay.txz
@@ -78,4 +78,3 @@ fi
# Copy /etc/pam.d/ template files
cp /usr/local/share/pcbsd/pefs/other /etc/pam.d/other
cp /usr/local/share/pcbsd/pefs/system /etc/pam.d/system
-cp /usr/local/share/pcbsd/pefs/sshd /etc/pam.d/sshd
@@ -1,28 +0,0 @@
-#
-# $FreeBSD$
-#
-# PAM configuration for the "sshd" service
-#
-
-# auth
-auth sufficient pam_opie.so no_warn no_fake_prompts
-auth requisite pam_opieaccess.so no_warn allow_local
-#auth sufficient pam_krb5.so no_warn try_first_pass
-#auth sufficient pam_ssh.so no_warn try_first_pass
-auth sufficient pam_pefs.so try_first_pass delkeys
-auth required pam_unix.so no_warn try_first_pass
-
-# account
-account required pam_nologin.so
-#account required pam_krb5.so
-account required pam_login_access.so
-account required pam_unix.so
-
-# session
-#session optional pam_ssh.so want_agent
-session optional pam_pefs.so delkeys
-session required pam_permit.so
-
-# password
-#password sufficient pam_krb5.so no_warn try_first_pass
-password required pam_unix.so no_warn try_first_pass

0 comments on commit f6519e3

Please sign in to comment.