On 2012/09/21 03:09, Alexander Hall wrote: > This is annoying, as it requires you to set auth=... and then explicity > close any services you don't want to expose, like "auth-ssh=" etc. > Obviously, this could very well lead to an incomplete list of disabled > services, causing all sorts of discomfort for the user and/or system > administrator.
With the example it makes a lot more sense, however I think this ought to go upstream so it can be documented in the wiki, this way of using login.conf is new to me and I suspect quite a few other people. Now I know what it's for, I certainly wouldn't object to adding it as a patch once it's in upstream. > This diff introduces "auth-$service" as type, allowing stuff like this > in login.conf: When I was reading login.conf(5) to work out what this does before you sent your followup mail, I was confused between "service type" and "authentication type", so I would explicitly use the term "authentication type" rather than just "type" in any documentation.
