Public key auth and PAM

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I think that PAM isn't taken into acount when public key authentication is
on. I disabled access in PAM for all users and allowed login for only thouse
which are listed via pam_list_file. But I found that all users are still
allowed to login when they're use public key.

Is it possible to tell SSH to check PAM access controls even public keys are


Re: Public key auth and PAM

Quoted text here. Click to load it

You need to add pam_list_file to the account part of the PAM config,
not just auth.  Then it should do what you want, as sshd already checks
the status of pam_acct_mgmt().  

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline