This module provides single sign-on behavior. The user types a passphrase when logging in and is allowed in if it decrypts the user's SSH private key. An ssh-agent is started and keys are added. For the entire session, the user types no more passwords.
Version 1.97 released
=====================

2009-04-11 Wolfgang Rosenauer

* pam_get_pass.c: CVE-2009-1273 pam_ssh used a certain prompt, if a user was found to exist, to ask for the SSH passphrase explicitly, depending on whether the username was valid or invalid, which made it easier for remote attackers to enumerate usernames.
A rough overview of what has changed since 1.92, which was the last real release from SourceForge:

- The module is now usable for session use only, if wanted. In that case it starts an ssh-agent without adding keys to it.
- The option to allow blank passphrases is now 'nullok'; the old option is still available but deprecated.
- The debug option is now really supported as documented.
- We didn't start the ssh-agent if the close_session module wasn't called correctly but the ssh-agent was killed (e.g. system crashes). That should be solved in almost all cases now.
- Improved logging.
- SECURITY FIX: pam_ssh used a certain prompt, if a user was found to exist, to ask for the SSH passphrase explicitly, depending on whether the username was valid or invalid, which made it easier for remote attackers to enumerate usernames. (CVE-2009-1273)
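The prompt-dependent behavior described in the CVE-2009-1273 entry, shown as an added illustration that is not pam_ssh source code: a prompt chosen from the account lookup next to a uniform prompt, with a check that a regression test can run. The user table, prompt strings and function names are constructed for this example.

```c
/* Illustrative sketch only: not pam_ssh source. The user table, prompt
 * strings and function names are constructed for this example. */
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a real account lookup. */
static const char *const known_users[] = { "alice", "bob" };

static int user_exists(const char *name)
{
    size_t i;

    if (name == NULL)
        return 0;
    for (i = 0; i < sizeof known_users / sizeof known_users[0]; i++)
        if (strcmp(name, known_users[i]) == 0)
            return 1;
    return 0;
}

/* Flawed pattern: the prompt text depends on the lookup result, so the
 * prompt alone tells an unauthenticated client whether the name is valid. */
const char *prompt_leaky(const char *user)
{
    return user_exists(user) ? "SSH passphrase: " : "Password: ";
}

/* Hardened pattern: one prompt for every name, valid or not. */
const char *prompt_uniform(const char *user)
{
    (void)user; /* deliberately not consulted */
    return "SSH passphrase: ";
}

/* Regression check: returns 1 if the prompt distinguishes the two names. */
int prompt_reveals_account(const char *(*prompt)(const char *),
                           const char *valid, const char *invalid)
{
    return strcmp(prompt(valid), prompt(invalid)) != 0;
}

int main(void)
{
    printf("leaky:   %d\n", prompt_reveals_account(prompt_leaky, "alice", "mallory"));
    printf("uniform: %d\n", prompt_reveals_account(prompt_uniform, "alice", "mallory"));
    return 0;
}
```

The same comparison applies to any pre-authentication output of a login module: error text and prompts should be identical for existing and non-existing accounts.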
Copyright © 2009 Geeknet, Inc. All rights reserved.