How to tell SSH to setuid after PAM and not before to remap users How to tell SSH to setuid after PAM and not before to remap users linux linux

How to tell SSH to setuid after PAM and not before to remap users


I ended up changing the shell for the user to a setuid wrapper that drop privileges to the intended user.

Code is here: https://github.com/kuon/radius-auth-virtual