mirror of
https://github.com/vyos/vyos-build.git
synced 2025-10-01 20:28:40 +02:00
52f75193f3
Dropbear version shipped in Debian does not have PAM support enabled. For the VyOS console server it would be nice to have the possibility to use RADIUS authentication.
47 lines
1.6 KiB
Diff
47 lines
1.6 KiB
Diff
From 3ac8b338e248801eca917e6091ff6b601e55a1fc Mon Sep 17 00:00:00 2001
|
|
From: Christian Poessinger <christian@poessinger.com>
|
|
Date: Sun, 16 Jan 2022 21:04:35 +0100
|
|
Subject: [PATCH] Enable PAM support
|
|
|
|
---
|
|
debian/rules | 2 +-
|
|
default_options.h | 4 ++--
|
|
2 files changed, 3 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/debian/rules b/debian/rules
|
|
index 673a5a3..4092be7 100755
|
|
--- a/debian/rules
|
|
+++ b/debian/rules
|
|
@@ -27,5 +27,5 @@ override_dh_installinit:
|
|
dh_installinit -R --name dropbear
|
|
|
|
override_dh_auto_configure:
|
|
- dh_auto_configure -- --disable-bundled-libtom \
|
|
+ dh_auto_configure -- --disable-bundled-libtom --enable-pam \
|
|
CC='$(CC)' CFLAGS='$(CFLAGS)' $(CONFFLAGS)
|
|
diff --git a/default_options.h b/default_options.h
|
|
index 375506d..e4fc5bf 100644
|
|
--- a/default_options.h
|
|
+++ b/default_options.h
|
|
@@ -193,7 +193,7 @@ group1 in Dropbear server too */
|
|
|
|
/* Authentication Types - at least one required.
|
|
RFC Draft requires pubkey auth, and recommends password */
|
|
-#define DROPBEAR_SVR_PASSWORD_AUTH 1
|
|
+#define DROPBEAR_SVR_PASSWORD_AUTH 0
|
|
|
|
/* Note: PAM auth is quite simple and only works for PAM modules which just do
|
|
* a simple "Login: " "Password: " (you can edit the strings in svr-authpam.c).
|
|
@@ -201,7 +201,7 @@ group1 in Dropbear server too */
|
|
* but there's an interface via a PAM module. It won't work for more complex
|
|
* PAM challenge/response.
|
|
* You can't enable both PASSWORD and PAM. */
|
|
-#define DROPBEAR_SVR_PAM_AUTH 0
|
|
+#define DROPBEAR_SVR_PAM_AUTH 1
|
|
|
|
/* ~/.ssh/authorized_keys authentication */
|
|
#define DROPBEAR_SVR_PUBKEY_AUTH 1
|
|
--
|
|
2.20.1
|
|
|