Subject: Re: pam_ssh for users w/o private keys
To: None <current-users@netbsd.org>
From: Christos Zoulas <christos@tac.gw.com>
List: current-users
Date: 06/23/2005 01:22:35
In article <1119476837.427.36.camel@dawn.home.network>,
Julio M. Merino Vidal <jmmv84@gmail.com> wrote:
>Hi all,
>
>I've enabled pam_ssh in /etc/pam.d/display_manager, so that I can log in
>from gdm using my key's passphrase (and get an agent started).
>Everything is fine for my regular user, but it's not for others that
>don't have a private key in their home directory (i.e., root).
>
>I mean, if I try to log  in as root, gdm asks me for the ssh passphrase
>(something that shouldn't happen, as I see it).  At that point, I hit
>enter, hoping that it would proceed with the next authentication module,
>pam_unix, asking me the regular password.  But it does not.  It just
>reports a login error.
>
>AFAICS in the documentation, setting pam_ssh as sufficient (which is the
>default in the example display_manager file) should cause failures in
>this module to fallback to other modules in the chain (pam_unix).
>
>(I don't think this is a gdm specific bug since the same thing works
>fine under Linux, using whatever PAM implementation it has.)
>
>Am I wrong in my expectations?  Or is there a problem somewhere?

Did you type your password when it asked for the passphrase? Do you
have try first pass set?

christos