Hey;
Thanks for the reply.
If you want to know how to control OpenSSH settings, it seems to me you should ask on an OpenSSH mailing list.
It's not an openssh setting other than *usePam yes*. It's *most* likely a pam setting either /etc/pam.d/sshd or in /etc/pam.d/system-auth.
Since ssh honors these settings for local accounts and even for ldap accounts without keys, it seems logical that someone in the ldap community would have faced this issue already.
Thanks again for the reply.
Doug O'Leary ------------ Senior UNIX/Security Admin CISSP, CISA, RHCSA, CEH O'Leary Computers Inc dkoleary@olearycomputers.com (w) 630-904-6098 (c) 630-248-2749 linkedin: http://www.linkedin.com/in/dkoleary resume: http://www.olearycomputers.com/resume.html