pam: Don't ask for fingerprints for remote logins (!12) · Merge requests · libfprint / fprintd

Bastien Nocera requested to merge wip/hadess/fix-no-ssh-pam into master Aug 07, 2019

As written in the "Linux-PAM Application Developers' Guide" at http://www.linux-pam.org/Linux-PAM-html/adg-security-user-identity.html: " As a general rule, the following convention for its value can be assumed: NULL = unknown; localhost = invoked directly from the local system; other.place.xyz = some component of the user's connection originates from this remote/requesting host. "

So also exit early if the hostname isn't localhost as it should be.

Closes: #21 (closed)

Admin message

pam: Don't ask for fingerprints for remote logins

Merge request reports