summaryrefslogtreecommitdiff
path: root/sshd.pam
diff options
context:
space:
mode:
Diffstat (limited to 'sshd.pam')
-rw-r--r--sshd.pam17
1 files changed, 17 insertions, 0 deletions
diff --git a/sshd.pam b/sshd.pam
new file mode 100644
index 0000000..780f62e
--- /dev/null
+++ b/sshd.pam
@@ -0,0 +1,17 @@
+#%PAM-1.0
+auth substack password-auth
+auth include postlogin
+account required pam_sepermit.so
+account required pam_nologin.so
+account include password-auth
+password include password-auth
+# pam_selinux.so close should be the first session rule
+session required pam_selinux.so close
+session required pam_loginuid.so
+# pam_selinux.so open should only be followed by sessions to be executed in the user context
+session required pam_selinux.so open env_params
+session required pam_namespace.so
+session optional pam_keyinit.so force revoke
+session optional pam_motd.so
+session include password-auth
+session include postlogin
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-30 19:57:05 +0000