Use this group policy to enable PAM authentication, account processing, and session processing. When you enable this policy, PAM authentication is implemented through the
Depending on your PAM configuration, enabling this policy may bypass the
sshd settings of
If you just want the PAM account and session checks to run without PAM authentication, then enable this policy but disable the
ChallengeResponseAuthentication mechanism in
Be certain that you are using a version of OpenSSH that supports PAM authentication. Otherwise, setting this policy will render the OpenSSH server unable to start.
This group policy modifies the
UsePAM setting in the