# Begin /etc/pam.d/sshd

auth            include         system-auth
account         include         system-account
password        include         system-password

# pam_selinux.so close should be the first session rule
session         required        pam_selinux.so close

# set audit loginuid for the user
session         optional        pam_loginuid.so

session         include         system-session

# pam_selinux.so open should only be followed by sessions to be executed in the user context
session         required        pam_selinux.so open

# End /etc/pam.d/sshd

