Bug 2877

Summary: Setting pam_set_item(PAM_USER, value) not honoured in ssh PAM
Product: Portable OpenSSH Reporter: Martin <bugs>
Component: PAM supportAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED WONTFIX    
Severity: enhancement CC: djm
Priority: P5    
Version: 7.7p1   
Hardware: Other   
OS: Linux   

Description Martin 2018-06-12 19:05:21 AEST
My PAM module is user agnostic and knows about the authenticated user on success. It is not necessary or even appreciated to supply the username at login time and nss_ldap will take care of setting pwent on success. openssh however, does not honour the new username that is set using pam_set_item(PAM_USER, value) on success.
Comment 1 Martin 2018-06-12 21:09:40 AEST
To be more precise: with "not supplying username" at login time, I mean supplying a placeholder username that triggers the PAM module to initiate external authentication configured as sufficient.
Comment 2 Damien Miller 2018-06-13 11:25:50 AEST
OpenSSH doesn't support PAM changing the username used for authentication. We don't have any intention to change this, sorry.
Comment 4 Damien Miller 2021-04-23 14:53:13 AEST
closing resolved bugs as of 8.6p1 release