- (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
diff --git a/auth1.c b/auth1.c
index 7fe3631..6cb0b04 100644
--- a/auth1.c
+++ b/auth1.c
@@ -342,11 +342,6 @@
!auth_root_allowed(get_authname(type)))
authenticated = 0;
#endif
-#ifdef USE_PAM
- if (!use_privsep && authenticated &&
- !do_pam_account(pw->pw_name, client_user))
- authenticated = 0;
-#endif
/* Log before sending the reply */
auth_log(authctxt, authenticated, get_authname(type), info);
@@ -413,7 +408,8 @@
use_privsep ? " [net]" : "");
#ifdef USE_PAM
- PRIVSEP(start_pam(user));
+ if (options.use_pam)
+ PRIVSEP(start_pam(user));
#endif
/*