Hi, Currently, it not possible to update its own shell on the farm machines: chsh prompts for the user password, but authentication is solely performed through SSH keys, so there is no way to use a password to authenticate.
As an experiment, we have just added PAM configuration to gcc13 and gcc14
so that chsh does not ask for a password. It amounts to adding this line
to /etc/pam.d/chsh:
auth sufficient pam_permit.so
The complete /etc/pam.d/chsh (based on Debian stretch) is now:
https://paste.swordarmor.fr/8gN4
gcc13 and gcc14 are thus available for testing changing your login shell.
If you know about any security issues that could arise from this setting,
please speak up! If everything looks fine, we will deploy this setting to
all farm machines.
Thanks,
Baptiste
signature.asc
Description: PGP signature
_______________________________________________ cfarm-users mailing list cfarm-users@lists.tetaneutral.net https://lists.tetaneutral.net/listinfo/cfarm-users
