2008/12/16 Jens Peter Secher <j...@debian.org>: > That is intentional to make it harder to tell the difference between > which users exist and which do not.
(I know, it was just to point to the fact the pam-ssh is actually running) > Using option 'try_first_pass' does not make any difference when no > previous module has asked for a password. Mmm, it makes the module to ask the unlock password just if it finds the ssh key (if I take it away, I'm asked for the ssh password, but it still doesn't work for it doesn't find the key anyway) >> auth optional pam_gnome_keyring.so > > Ahh, Gnome Keyring. I commented it out, no difference... > working. If you find something that is not working in such a basic > environment, you should try to add the 'debug' option to pam_ssh and > watch /var/log/auth.log. This is a snippet from auth.log Dec 16 00:30:21 glenda pam_ssh[6179]: debug1: Authentication debugging. Dec 16 00:30:21 glenda pam_ssh[6179]: debug1: Looking for SSH login keys in /home/luca/.ssh/login-keys.d/. Dec 16 00:30:21 glenda pam_ssh[6179]: debug1: No SSH login keys found. Dec 16 00:30:21 glenda pam_ssh[6179]: debug1: Grabbing password from preceding auth module. I tried copying the key in .ssh/login-keys.d instead of linking it, I tried, just for testing, to make both the dir and the key world-readable, but no difference. I can't really see what I'm doing wrong... luca P.S. I keep sending private mails by mistake, sorry... -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
