pam_ssh.c revision 1.8.2.3
1 1.8.2.1 tron /* $NetBSD: pam_ssh.c,v 1.8.2.3 2005/07/11 11:19:26 tron Exp $ */ 2 1.2 christos 3 1.1 christos /*- 4 1.1 christos * Copyright (c) 2003 Networks Associates Technology, Inc. 5 1.1 christos * All rights reserved. 6 1.1 christos * 7 1.1 christos * This software was developed for the FreeBSD Project by ThinkSec AS and 8 1.1 christos * NAI Labs, the Security Research Division of Network Associates, Inc. 9 1.1 christos * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the 10 1.1 christos * DARPA CHATS research program. 11 1.1 christos * 12 1.1 christos * Redistribution and use in source and binary forms, with or without 13 1.1 christos * modification, are permitted provided that the following conditions 14 1.1 christos * are met: 15 1.1 christos * 1. Redistributions of source code must retain the above copyright 16 1.1 christos * notice, this list of conditions and the following disclaimer. 17 1.1 christos * 2. Redistributions in binary form must reproduce the above copyright 18 1.1 christos * notice, this list of conditions and the following disclaimer in the 19 1.1 christos * documentation and/or other materials provided with the distribution. 20 1.1 christos * 3. The name of the author may not be used to endorse or promote 21 1.1 christos * products derived from this software without specific prior written 22 1.1 christos * permission. 23 1.1 christos * 24 1.1 christos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 25 1.1 christos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 1.1 christos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 1.1 christos * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 1.1 christos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 1.1 christos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 1.1 christos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 1.1 christos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 1.1 christos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 1.1 christos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.1 christos * SUCH DAMAGE. 35 1.1 christos */ 36 1.1 christos 37 1.1 christos #include <sys/cdefs.h> 38 1.3 lukem #ifdef __FreeBSD__ 39 1.1 christos __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_ssh/pam_ssh.c,v 1.40 2004/02/10 10:13:21 des Exp $"); 40 1.2 christos #else 41 1.8.2.1 tron __RCSID("$NetBSD: pam_ssh.c,v 1.8.2.3 2005/07/11 11:19:26 tron Exp $"); 42 1.2 christos #endif 43 1.1 christos 44 1.1 christos #include <sys/param.h> 45 1.1 christos #include <sys/wait.h> 46 1.1 christos 47 1.1 christos #include <errno.h> 48 1.1 christos #include <fcntl.h> 49 1.1 christos #include <paths.h> 50 1.1 christos #include <pwd.h> 51 1.1 christos #include <signal.h> 52 1.1 christos #include <stdio.h> 53 1.1 christos #include <string.h> 54 1.1 christos #include <unistd.h> 55 1.1 christos 56 1.1 christos #define PAM_SM_AUTH 57 1.1 christos #define PAM_SM_SESSION 58 1.1 christos 59 1.1 christos #include <security/pam_appl.h> 60 1.1 christos #include <security/pam_modules.h> 61 1.1 christos #include <security/openpam.h> 62 1.1 christos 63 1.1 christos #include <openssl/evp.h> 64 1.1 christos 65 1.1 christos #include "key.h" 66 1.1 christos #include "authfd.h" 67 1.1 christos #include "authfile.h" 68 1.1 christos 69 1.1 christos extern char **environ; 70 1.1 christos 71 1.1 christos struct pam_ssh_key { 72 1.1 christos Key *key; 73 1.1 christos char *comment; 74 1.1 christos }; 75 1.1 christos 76 1.1 christos static const char *pam_ssh_prompt = "SSH passphrase: "; 77 1.1 christos static const char *pam_ssh_have_keys = "pam_ssh_have_keys"; 78 1.1 christos 79 1.1 christos static const char *pam_ssh_keyfiles[] = { 80 1.1 christos ".ssh/identity", /* SSH1 RSA key */ 81 1.1 christos ".ssh/id_rsa", /* SSH2 RSA key */ 82 1.1 christos ".ssh/id_dsa", /* SSH2 DSA key */ 83 1.1 christos NULL 84 1.1 christos }; 85 1.1 christos 86 1.1 christos static const char *pam_ssh_agent = "/usr/bin/ssh-agent"; 87 1.2 christos static const char *pam_ssh_agent_argv[] = { "ssh_agent", "-s", NULL }; 88 1.2 christos static const char *pam_ssh_agent_envp[] = { NULL }; 89 1.1 christos 90 1.1 christos /* 91 1.1 christos * Attempts to load a private key from the specified file in the specified 92 1.1 christos * directory, using the specified passphrase. If successful, returns a 93 1.1 christos * struct pam_ssh_key containing the key and its comment. 94 1.1 christos */ 95 1.1 christos static struct pam_ssh_key * 96 1.7 christos pam_ssh_load_key(struct passwd *pwd, const char *kfn, const char *passphrase) 97 1.1 christos { 98 1.1 christos struct pam_ssh_key *psk; 99 1.1 christos char fn[PATH_MAX]; 100 1.1 christos char *comment; 101 1.1 christos Key *key; 102 1.1 christos 103 1.7 christos if (snprintf(fn, sizeof(fn), "%s/%s", pwd->pw_dir, kfn) > 104 1.7 christos (int)sizeof(fn)) 105 1.1 christos return (NULL); 106 1.1 christos comment = NULL; 107 1.1 christos key = key_load_private(fn, passphrase, &comment); 108 1.1 christos if (key == NULL) { 109 1.1 christos openpam_log(PAM_LOG_DEBUG, "failed to load key from %s\n", fn); 110 1.1 christos return (NULL); 111 1.1 christos } 112 1.1 christos 113 1.1 christos openpam_log(PAM_LOG_DEBUG, "loaded '%s' from %s\n", comment, fn); 114 1.1 christos if ((psk = malloc(sizeof(*psk))) == NULL) { 115 1.1 christos key_free(key); 116 1.1 christos free(comment); 117 1.1 christos return (NULL); 118 1.1 christos } 119 1.1 christos psk->key = key; 120 1.1 christos psk->comment = comment; 121 1.1 christos return (psk); 122 1.1 christos } 123 1.1 christos 124 1.1 christos /* 125 1.1 christos * Wipes a private key and frees the associated resources. 126 1.1 christos */ 127 1.1 christos static void 128 1.1 christos pam_ssh_free_key(pam_handle_t *pamh __unused, 129 1.1 christos void *data, int pam_err __unused) 130 1.1 christos { 131 1.1 christos struct pam_ssh_key *psk; 132 1.1 christos 133 1.1 christos psk = data; 134 1.1 christos key_free(psk->key); 135 1.1 christos free(psk->comment); 136 1.1 christos free(psk); 137 1.1 christos } 138 1.1 christos 139 1.1 christos PAM_EXTERN int 140 1.1 christos pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, 141 1.1 christos int argc __unused, const char *argv[] __unused) 142 1.1 christos { 143 1.1 christos const char **kfn, *passphrase, *user; 144 1.8.2.2 tron struct passwd *pwd, pwres; 145 1.1 christos struct pam_ssh_key *psk; 146 1.1 christos int nkeys, pam_err, pass; 147 1.8.2.2 tron char pwbuf[1024]; 148 1.1 christos 149 1.1 christos /* PEM is not loaded by default */ 150 1.1 christos OpenSSL_add_all_algorithms(); 151 1.1 christos 152 1.1 christos /* get user name and home directory */ 153 1.1 christos pam_err = pam_get_user(pamh, &user, NULL); 154 1.1 christos if (pam_err != PAM_SUCCESS) 155 1.1 christos return (pam_err); 156 1.8.2.3 tron if (getpwnam_r(user, &pwres, pwbuf, sizeof(pwbuf), &pwd) != 0 || 157 1.8.2.3 tron pwd == NULL) 158 1.1 christos return (PAM_USER_UNKNOWN); 159 1.1 christos if (pwd->pw_dir == NULL) 160 1.1 christos return (PAM_AUTH_ERR); 161 1.1 christos 162 1.1 christos /* switch to user credentials */ 163 1.1 christos pam_err = openpam_borrow_cred(pamh, pwd); 164 1.1 christos if (pam_err != PAM_SUCCESS) 165 1.1 christos return (pam_err); 166 1.1 christos 167 1.5 christos #ifdef notyet 168 1.5 christos for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { 169 1.5 christos char path[MAXPATHLEN]; 170 1.5 christos (void)snprintf(path, sizeof(path), "%s/%s", pwd->pw_dir, *kfn); 171 1.5 christos if (access(path, R_OK) == 0) 172 1.5 christos break; 173 1.5 christos } 174 1.5 christos 175 1.5 christos if (*kfn == NULL) { 176 1.5 christos openpam_restore_cred(pamh); 177 1.5 christos return (PAM_AUTH_ERR); 178 1.5 christos } 179 1.5 christos #endif 180 1.5 christos 181 1.1 christos pass = (pam_get_item(pamh, PAM_AUTHTOK, 182 1.2 christos (const void **)__UNCONST(&passphrase)) == PAM_SUCCESS); 183 1.1 christos load_keys: 184 1.1 christos /* get passphrase */ 185 1.1 christos pam_err = pam_get_authtok(pamh, PAM_AUTHTOK, 186 1.1 christos &passphrase, pam_ssh_prompt); 187 1.1 christos if (pam_err != PAM_SUCCESS) { 188 1.1 christos openpam_restore_cred(pamh); 189 1.1 christos return (pam_err); 190 1.1 christos } 191 1.1 christos 192 1.1 christos /* try to load keys from all keyfiles we know of */ 193 1.1 christos nkeys = 0; 194 1.1 christos for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { 195 1.7 christos psk = pam_ssh_load_key(pwd, *kfn, passphrase); 196 1.1 christos if (psk != NULL) { 197 1.1 christos pam_set_data(pamh, *kfn, psk, pam_ssh_free_key); 198 1.1 christos ++nkeys; 199 1.1 christos } 200 1.1 christos } 201 1.1 christos 202 1.1 christos /* 203 1.1 christos * If we tried an old token and didn't get anything, and 204 1.1 christos * try_first_pass was specified, try again after prompting the 205 1.1 christos * user for a new passphrase. 206 1.1 christos */ 207 1.1 christos if (nkeys == 0 && pass == 1 && 208 1.1 christos openpam_get_option(pamh, "try_first_pass") != NULL) { 209 1.1 christos pam_set_item(pamh, PAM_AUTHTOK, NULL); 210 1.1 christos pass = 0; 211 1.1 christos goto load_keys; 212 1.1 christos } 213 1.1 christos 214 1.1 christos /* switch back to arbitrator credentials before returning */ 215 1.1 christos openpam_restore_cred(pamh); 216 1.1 christos 217 1.1 christos /* no keys? */ 218 1.1 christos if (nkeys == 0) 219 1.1 christos return (PAM_AUTH_ERR); 220 1.1 christos 221 1.1 christos pam_set_data(pamh, pam_ssh_have_keys, NULL, NULL); 222 1.1 christos return (PAM_SUCCESS); 223 1.1 christos } 224 1.1 christos 225 1.1 christos PAM_EXTERN int 226 1.1 christos pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused, 227 1.1 christos int argc __unused, const char *argv[] __unused) 228 1.1 christos { 229 1.1 christos 230 1.1 christos return (PAM_SUCCESS); 231 1.1 christos } 232 1.1 christos 233 1.1 christos /* 234 1.1 christos * Parses a line from ssh-agent's output. 235 1.1 christos */ 236 1.1 christos static void 237 1.1 christos pam_ssh_process_agent_output(pam_handle_t *pamh, FILE *f) 238 1.1 christos { 239 1.1 christos char *line, *p, *key, *val; 240 1.1 christos size_t len; 241 1.1 christos 242 1.1 christos while ((line = fgetln(f, &len)) != NULL) { 243 1.1 christos if (len < 4 || strncmp(line, "SSH_", 4) != 0) 244 1.1 christos continue; 245 1.1 christos 246 1.1 christos /* find equal sign at end of key */ 247 1.1 christos for (p = key = line; p < line + len; ++p) 248 1.1 christos if (*p == '=') 249 1.1 christos break; 250 1.1 christos if (p == line + len || *p != '=') 251 1.1 christos continue; 252 1.1 christos *p = '\0'; 253 1.1 christos 254 1.1 christos /* find semicolon at end of value */ 255 1.1 christos for (val = ++p; p < line + len; ++p) 256 1.1 christos if (*p == ';') 257 1.1 christos break; 258 1.1 christos if (p == line + len || *p != ';') 259 1.1 christos continue; 260 1.1 christos *p = '\0'; 261 1.1 christos 262 1.1 christos /* store key-value pair in environment */ 263 1.1 christos openpam_log(PAM_LOG_DEBUG, "got %s: %s", key, val); 264 1.1 christos pam_setenv(pamh, key, val, 1); 265 1.1 christos } 266 1.1 christos } 267 1.1 christos 268 1.1 christos /* 269 1.1 christos * Starts an ssh agent and stores the environment variables derived from 270 1.1 christos * its output. 271 1.1 christos */ 272 1.1 christos static int 273 1.4 christos pam_ssh_start_agent(pam_handle_t *pamh, struct passwd *pwd) 274 1.1 christos { 275 1.1 christos int agent_pipe[2]; 276 1.1 christos pid_t pid; 277 1.1 christos FILE *f; 278 1.1 christos 279 1.1 christos /* get a pipe which we will use to read the agent's output */ 280 1.4 christos if (pipe(agent_pipe) == -1) 281 1.1 christos return (PAM_SYSTEM_ERR); 282 1.1 christos 283 1.1 christos /* start the agent */ 284 1.1 christos openpam_log(PAM_LOG_DEBUG, "starting an ssh agent"); 285 1.1 christos pid = fork(); 286 1.1 christos if (pid == (pid_t)-1) { 287 1.1 christos /* failed */ 288 1.1 christos close(agent_pipe[0]); 289 1.1 christos close(agent_pipe[1]); 290 1.1 christos return (PAM_SYSTEM_ERR); 291 1.1 christos } 292 1.1 christos if (pid == 0) { 293 1.2 christos #ifndef F_CLOSEM 294 1.1 christos int fd; 295 1.2 christos #endif 296 1.1 christos /* child: drop privs, close fds and start agent */ 297 1.4 christos if (setgid(pwd->pw_gid) == -1) { 298 1.4 christos openpam_log(PAM_LOG_DEBUG, "%s: Cannot setgid %d (%m)", 299 1.4 christos __FUNCTION__, (int)pwd->pw_gid); 300 1.4 christos goto done; 301 1.4 christos } 302 1.4 christos if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { 303 1.4 christos openpam_log(PAM_LOG_DEBUG, 304 1.4 christos "%s: Cannot initgroups for %s (%m)", 305 1.4 christos __FUNCTION__, pwd->pw_name); 306 1.4 christos goto done; 307 1.4 christos } 308 1.4 christos if (setuid(pwd->pw_uid) == -1) { 309 1.4 christos openpam_log(PAM_LOG_DEBUG, "%s: Cannot setuid %d (%m)", 310 1.4 christos __FUNCTION__, (int)pwd->pw_uid); 311 1.4 christos goto done; 312 1.4 christos } 313 1.4 christos (void)close(STDIN_FILENO); 314 1.4 christos (void)open(_PATH_DEVNULL, O_RDONLY); 315 1.4 christos (void)dup2(agent_pipe[1], STDOUT_FILENO); 316 1.4 christos (void)dup2(agent_pipe[1], STDERR_FILENO); 317 1.2 christos #ifdef F_CLOSEM 318 1.2 christos (void)fcntl(3, F_CLOSEM, 0); 319 1.2 christos #else 320 1.1 christos for (fd = 3; fd < getdtablesize(); ++fd) 321 1.4 christos (void)close(fd); 322 1.2 christos #endif 323 1.4 christos (void)execve(pam_ssh_agent, 324 1.4 christos (char **)__UNCONST(pam_ssh_agent_argv), 325 1.2 christos (char **)__UNCONST(pam_ssh_agent_envp)); 326 1.4 christos done: 327 1.1 christos _exit(127); 328 1.1 christos } 329 1.1 christos 330 1.1 christos /* parent */ 331 1.1 christos close(agent_pipe[1]); 332 1.1 christos if ((f = fdopen(agent_pipe[0], "r")) == NULL) 333 1.1 christos return (PAM_SYSTEM_ERR); 334 1.1 christos pam_ssh_process_agent_output(pamh, f); 335 1.1 christos fclose(f); 336 1.1 christos 337 1.1 christos return (PAM_SUCCESS); 338 1.1 christos } 339 1.1 christos 340 1.1 christos /* 341 1.1 christos * Adds previously stored keys to a running agent. 342 1.1 christos */ 343 1.1 christos static int 344 1.1 christos pam_ssh_add_keys_to_agent(pam_handle_t *pamh) 345 1.1 christos { 346 1.1 christos AuthenticationConnection *ac; 347 1.1 christos struct pam_ssh_key *psk; 348 1.1 christos const char **kfn; 349 1.1 christos char **envlist, **env; 350 1.1 christos int pam_err; 351 1.1 christos 352 1.1 christos /* switch to PAM environment */ 353 1.1 christos envlist = environ; 354 1.1 christos if ((environ = pam_getenvlist(pamh)) == NULL) { 355 1.4 christos openpam_log(PAM_LOG_DEBUG, "%s: cannot get envlist", 356 1.4 christos __FUNCTION__); 357 1.1 christos environ = envlist; 358 1.1 christos return (PAM_SYSTEM_ERR); 359 1.1 christos } 360 1.1 christos 361 1.1 christos /* get a connection to the agent */ 362 1.1 christos if ((ac = ssh_get_authentication_connection()) == NULL) { 363 1.4 christos openpam_log(PAM_LOG_DEBUG, 364 1.4 christos "%s: cannot get authentication connection", 365 1.4 christos __FUNCTION__); 366 1.1 christos pam_err = PAM_SYSTEM_ERR; 367 1.1 christos goto end; 368 1.1 christos } 369 1.1 christos 370 1.1 christos /* look for keys to add to it */ 371 1.1 christos for (kfn = pam_ssh_keyfiles; *kfn != NULL; ++kfn) { 372 1.2 christos pam_err = pam_get_data(pamh, *kfn, (void **)__UNCONST(&psk)); 373 1.1 christos if (pam_err == PAM_SUCCESS && psk != NULL) { 374 1.1 christos if (ssh_add_identity(ac, psk->key, psk->comment)) 375 1.1 christos openpam_log(PAM_LOG_DEBUG, 376 1.1 christos "added %s to ssh agent", psk->comment); 377 1.1 christos else 378 1.1 christos openpam_log(PAM_LOG_DEBUG, "failed " 379 1.1 christos "to add %s to ssh agent", psk->comment); 380 1.1 christos /* we won't need the key again, so wipe it */ 381 1.1 christos pam_set_data(pamh, *kfn, NULL, NULL); 382 1.1 christos } 383 1.1 christos } 384 1.1 christos pam_err = PAM_SUCCESS; 385 1.1 christos end: 386 1.1 christos /* disconnect from agent */ 387 1.1 christos if (ac != NULL) 388 1.1 christos ssh_close_authentication_connection(ac); 389 1.1 christos 390 1.1 christos /* switch back to original environment */ 391 1.1 christos for (env = environ; *env != NULL; ++env) 392 1.1 christos free(*env); 393 1.1 christos free(environ); 394 1.1 christos environ = envlist; 395 1.1 christos 396 1.1 christos return (pam_err); 397 1.1 christos } 398 1.1 christos 399 1.1 christos PAM_EXTERN int 400 1.1 christos pam_sm_open_session(pam_handle_t *pamh, int flags __unused, 401 1.1 christos int argc __unused, const char *argv[] __unused) 402 1.1 christos { 403 1.8.2.2 tron struct passwd *pwd, pwres; 404 1.1 christos const char *user; 405 1.1 christos void *data; 406 1.4 christos int pam_err = PAM_SUCCESS; 407 1.8.2.2 tron char pwbuf[1024]; 408 1.1 christos 409 1.1 christos /* no keys, no work */ 410 1.1 christos if (pam_get_data(pamh, pam_ssh_have_keys, &data) != PAM_SUCCESS && 411 1.1 christos openpam_get_option(pamh, "want_agent") == NULL) 412 1.1 christos return (PAM_SUCCESS); 413 1.1 christos 414 1.1 christos /* switch to user credentials */ 415 1.1 christos pam_err = pam_get_user(pamh, &user, NULL); 416 1.1 christos if (pam_err != PAM_SUCCESS) 417 1.1 christos return (pam_err); 418 1.8.2.3 tron if (getpwnam_r(user, &pwres, pwbuf, sizeof(pwbuf), &pwd) != 0 || 419 1.8.2.3 tron pwd == NULL) 420 1.1 christos return (PAM_USER_UNKNOWN); 421 1.4 christos 422 1.4 christos /* start the agent */ 423 1.4 christos pam_err = pam_ssh_start_agent(pamh, pwd); 424 1.4 christos if (pam_err != PAM_SUCCESS) 425 1.4 christos return pam_err; 426 1.4 christos 427 1.1 christos pam_err = openpam_borrow_cred(pamh, pwd); 428 1.1 christos if (pam_err != PAM_SUCCESS) 429 1.4 christos return pam_err; 430 1.1 christos 431 1.1 christos /* we have an agent, see if we can add any keys to it */ 432 1.1 christos pam_err = pam_ssh_add_keys_to_agent(pamh); 433 1.1 christos if (pam_err != PAM_SUCCESS) { 434 1.1 christos /* XXX ignore failures */ 435 1.4 christos openpam_log(PAM_LOG_DEBUG, "failed adding keys to ssh agent"); 436 1.4 christos pam_err = PAM_SUCCESS; 437 1.1 christos } 438 1.1 christos 439 1.1 christos openpam_restore_cred(pamh); 440 1.4 christos return pam_err; 441 1.1 christos } 442 1.1 christos 443 1.1 christos PAM_EXTERN int 444 1.1 christos pam_sm_close_session(pam_handle_t *pamh, int flags __unused, 445 1.1 christos int argc __unused, const char *argv[] __unused) 446 1.1 christos { 447 1.1 christos const char *ssh_agent_pid; 448 1.1 christos char *end; 449 1.1 christos int status; 450 1.1 christos pid_t pid; 451 1.1 christos 452 1.1 christos if ((ssh_agent_pid = pam_getenv(pamh, "SSH_AGENT_PID")) == NULL) { 453 1.1 christos openpam_log(PAM_LOG_DEBUG, "no ssh agent"); 454 1.1 christos return (PAM_SUCCESS); 455 1.1 christos } 456 1.1 christos pid = (pid_t)strtol(ssh_agent_pid, &end, 10); 457 1.1 christos if (*ssh_agent_pid == '\0' || *end != '\0') { 458 1.1 christos openpam_log(PAM_LOG_DEBUG, "invalid ssh agent pid"); 459 1.1 christos return (PAM_SESSION_ERR); 460 1.1 christos } 461 1.1 christos openpam_log(PAM_LOG_DEBUG, "killing ssh agent %d", (int)pid); 462 1.1 christos if (kill(pid, SIGTERM) == -1 || 463 1.1 christos (waitpid(pid, &status, 0) == -1 && errno != ECHILD)) 464 1.1 christos return (PAM_SYSTEM_ERR); 465 1.1 christos return (PAM_SUCCESS); 466 1.1 christos } 467 1.1 christos 468 1.1 christos PAM_MODULE_ENTRY("pam_ssh"); 469
Indexes created Tue Sep 30 07:10:03 GMT 2025