From fbb4b5fd4f8e0bb89732670a01954e18b69e15ba Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 25 May 2018 07:11:01 +0000 Subject: [PATCH] upstream: Do not ban PTY allocation when a sshd session is restricted because the user password is expired as it breaks password change dialog. regression in openssh-7.7 reported by Daniel Wagner OpenBSD-Commit-ID: 9fc09c584c6f1964b00595e3abe7f83db4d90d73 --- auth.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/auth.c b/auth.c index 63366768a..0b7a335fc 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.128 2018/05/25 07:11:01 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -1080,6 +1080,7 @@ auth_restrict_session(struct ssh *ssh) /* A blank sshauthopt defaults to permitting nothing */ restricted = sshauthopt_new(); + restricted->permit_pty_flag = 1; restricted->restricted = 1; if (auth_activate_options(ssh, restricted) != 0)