DVG-4157448+4920695_corrected_UsePAM_comment.patch   [plain text]

diff -uNr ../openssh-4.5p1.orig/sshd_config ./sshd_config
--- ../openssh-4.5p1.orig/sshd_config	2006-07-23 21:06:47.000000000 -0700
+++ ./sshd_config	2007-01-11 17:05:47.000000000 -0800
@@ -52,7 +52,8 @@
 # Don't read the user's ~/.rhosts and ~/.shosts files
 #IgnoreRhosts yes
 
-# To disable tunneled clear text passwords, change to no here!
+# To disable tunneled clear text passwords, change to no here! Also,
+# remember to set the UsePAM setting to 'no'.
 #PasswordAuthentication yes
 #PermitEmptyPasswords no
 
@@ -78,7 +79,10 @@
 # If you just want the PAM account and session checks to run without
 # PAM authentication, then enable this but set PasswordAuthentication
 # and ChallengeResponseAuthentication to 'no'.
-#UsePAM no
+# Also, PAM will deny null passwords by default.  If you need to allow
+# null passwords, add the "	nullok" option to the end of the
+# securityserver.so line in /etc/pam.d/sshd.
+#UsePAM yes
 
 #AllowTcpForwarding yes
 #GatewayPorts no