bug#64937: ssh sessions in systemd

[Thorsten Kukuk]

On Wed, Aug 02, Bruno Haible wrote:

> Thorsten Kukuk wrote:

> > openssh is really special: it does not need a TTY for all kind of ssh
> > sessions, and thus only opens a TTY if needed after creating the
> > logind session. Thus the logind session does not contain the TTY 
> > informations.
> > systemd-logind v254 provides now an interface for this case, which
> > allows to set the TTY later. For openssh you need this patch:
> > 
> > https://github.com/thkukuk/utmpx/blob/main/patches/openssh/logind-set-tty.patch
> 
> That would make sense, yes. But I wonder:
> - Why is it possible to set the "type" of the session to "tty", without
>   specifying a value for the "tty"?

sshd specifies a tty, but a dummy one: "sshd".
And systemd/logind has a hack to delete this dummy entry, so that a
fallback hack becomes active, which tries to determine the tty in
another way. But this "hack" exists only for the dbus interface, not for
libsystemd...

I know that Lennart Poettering had discussions about systemd and
sshd with the openssh developers to clean up some of the stuff and to
find better solutions, but without much success.

> - While at it: Shouldn't OpenSSH also provide a value for the "remote_user"
>   property?

I think it should, but I don't know why they don't set "PAM_RUSER".

  Thorsten

-- 
Thorsten Kukuk, Distinguished Engineer, Senior Architect, Future Technologies
SUSE Software Solutions Germany GmbH, Frankenstraße 146, 90461 Nuernberg, 
Germany
Managing Director: Ivo Totev, Andrew McDonald, Werner Knoblich
(HRB 36809, AG Nürnberg)