andrewkroh/sshd

## sshd
#%PAM-1.0

# Skip Google Authenticator for the vagrant user:
auth [success=1 default=ignore] pam_succeed_if.so user = vagrant
auth       required     pam_google_authenticator.so

auth       required     pam_unix.so
auth       required     pam_sepermit.so
auth       include      password-auth
account    required     pam_nologin.so
account    include      password-auth
password   include      password-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_loginuid.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open env_params
session    optional     pam_keyinit.so force revoke
session    include      password-auth
	#%PAM-1.0

	# Skip Google Authenticator for the vagrant user:
	auth [success=1 default=ignore] pam_succeed_if.so user = vagrant
	auth required pam_google_authenticator.so

	auth required pam_unix.so
	auth required pam_sepermit.so
	auth include password-auth
	account required pam_nologin.so
	account include password-auth
	password include password-auth
	# pam_selinux.so close should be the first session rule
	session required pam_selinux.so close
	session required pam_loginuid.so
	# pam_selinux.so open should only be followed by sessions to be executed in the user context
	session required pam_selinux.so open env_params
	session optional pam_keyinit.so force revoke
	session include password-auth