From 0ed90c81222a38c157dbf365e53b1e5ac543f005 Mon Sep 17 00:00:00 2001
From: Rouven Seifert <rouven.seifert@mailbox.tu-dresden.de>
Date: Fri, 10 Mar 2023 16:38:57 +0100
Subject: [PATCH] fixed homedir creation for sshd

---
 modules/ldap.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/modules/ldap.nix b/modules/ldap.nix
index b1c5d46..fbde7cb 100644
--- a/modules/ldap.nix
+++ b/modules/ldap.nix
@@ -89,13 +89,13 @@ in
       daemon.enable = true;
     };
 
-  security.pam.services.login.text = ''
+  security.pam.services.sshd.text = ''
     # Account management.
     account sufficient ${pkgs.nss_pam_ldapd}/lib/security/pam_ldap.so
     account required pam_unix.so
 
     # Authentication management.
-    auth sufficient pam_unix.so nullok  likeauth try_first_pass
+    auth sufficient pam_unix.so  likeauth try_first_pass
     auth sufficient ${pkgs.nss_pam_ldapd}/lib/security/pam_ldap.so use_first_pass
     auth required pam_deny.so
 
@@ -107,7 +107,6 @@ in
     session required pam_env.so conffile=/etc/pam/environment readenv=0
     session required pam_unix.so
     session required pam_loginuid.so
-    session required ${pkgs.linux-pam}/lib/security/pam_lastlog.so silent
     session optional pam_mkhomedir.so
     session optional ${pkgs.nss_pam_ldapd}/lib/security/pam_ldap.so
     session optional ${pkgs.systemd}/lib/security/pam_systemd.so