I can't imagine what simple thing I'm leaving out.
When ever I try to ssh to an account with the shell set to /usr/sbin/authpf
I get disconnected immediately after getting the motd. I know I'm
connecting and authenticating, but I don't stay connected.
I've created the files
authpf.allow authpf.conf authpf.message authpf.problem authpf.rules
in /etc/authpf ro to all but root.
authpf.allow contains a single "*"
authpf.conf is empty
authpf.rules contains:
pass in quick on $IN_IF from $user_ip to any keep state
pass out quick on $IN_IF from $user_ip to any keep state
pass in quick on $EX_IF from $user_ip to any keep state
pass out quick on $EX_IF from $user_ip to any keep state
I've put the anchors in the main pf ruleset and they load without any
errors.
nat-anchor "authpf/*"
rdr-anchor "authpf/*"
binat-anchor "authpf/*"
anchor "authpf/*"
other related issue. If I use the adduser script and specify authpf
as the shell, I get "authpf: is not allowed!". I've used vipw to change
the shell to /usr/sbin/authpf for the test user.
Thank you.

Thanks. That fixed the adduser script issue, but I still get
disconnected immediately.

Darrin Chandler wrote:
Sat, Jul 08, 2006 at 06:24:40PM -0700, Bill Meigs wrote:
>other related issue. If I use the adduser script and specify authpf
>as the shell, I get "authpf: is not allowed!". I've used vipw to change
>the shell to /usr/sbin/authpf for the test user.

man shells(5)?