diff --git a/unix_integration/pam_kanidm/src/pam/mod.rs b/unix_integration/pam_kanidm/src/pam/mod.rs index e008c9c7d..4c2810c06 100755 --- a/unix_integration/pam_kanidm/src/pam/mod.rs +++ b/unix_integration/pam_kanidm/src/pam/mod.rs @@ -91,10 +91,14 @@ impl PamHooks for PamKanidm { Err(_) => return PamResultCode::PAM_SERVICE_ERR, }; + let tty = pamh.get_tty(); + let rhost = pamh.get_rhost(); + if opts.debug { println!("acct_mgmt"); println!("args -> {:?}", args); println!("opts -> {:?}", opts); + println!("tty -> {:?} rhost -> {:?}", tty, rhost); } let account_id = match pamh.get_user(None) { @@ -165,10 +169,15 @@ impl PamHooks for PamKanidm { Err(_) => return PamResultCode::PAM_SERVICE_ERR, }; + // This will == "Ok(Some("ssh"))" on remote auth. + let tty = pamh.get_tty(); + let rhost = pamh.get_rhost(); + if opts.debug { println!("sm_authenticate"); println!("args -> {:?}", args); println!("opts -> {:?}", opts); + println!("tty -> {:?} rhost -> {:?}", tty, rhost); } let account_id = match pamh.get_user(None) { diff --git a/unix_integration/pam_kanidm/src/pam/module.rs b/unix_integration/pam_kanidm/src/pam/module.rs index 4760b75ea..a346bddbd 100755 --- a/unix_integration/pam_kanidm/src/pam/module.rs +++ b/unix_integration/pam_kanidm/src/pam/module.rs @@ -5,7 +5,7 @@ use std::{mem, ptr}; use libc::c_char; -use crate::pam::constants::{PamFlag, PamItemType, PamResultCode, PAM_AUTHTOK}; +use crate::pam::constants::{PamFlag, PamItemType, PamResultCode, PAM_AUTHTOK, PAM_RHOST, PAM_TTY}; /// Opaque type, used as a pointer when making pam API calls. /// 
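Review bot: `tty` and `rhost` are fetched on every `acct_mgmt` call but read only inside `if opts.debug`, so normal operation pays for two `pam_get_item` lookups and string copies it never uses, and an `Err` from either is dropped unnoticed. The `sm_authenticate` hunk at -165 has the same shape. Moving `let tty = pamh.get_tty();` and `let rhost = pamh.get_rhost();` inside the debug block keeps the output identical. If they stay outside because later code will act on them, a comment should say so and note that PAM_RHOST is whatever the calling application set, so it is a logging aid rather than an authenticated identity. Both function bodies continue outside the hunks.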
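Review bot: The added comment `// This will == "Ok(Some("ssh"))" on remote auth.` in the `sm_authenticate` hunk sits above both lookups and does not say which value it describes or which service produces it. Presumably it refers to `tty` when the caller is sshd. If so, a comment directly on the `let tty` line such as `// PAM_TTY is "ssh" when invoked by sshd, so tty == Ok(Some("ssh")) for remote logins.` would be unambiguous.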
@@ -207,6 +207,44 @@ impl PamHandle { Err(res) } } + + pub fn get_tty(&self) -> PamResult> { + let mut ptr: *const PamItemT = ptr::null(); + let (res, item) = unsafe { + let r = pam_get_item(self, PAM_TTY, &mut ptr); + let t = if PamResultCode::PAM_SUCCESS == r && !ptr.is_null() { + let typed_ptr: *const c_char = ptr as *const c_char; + Some(CStr::from_ptr(typed_ptr).to_string_lossy().into_owned()) + } else { + None + }; + (r, t) + }; + if PamResultCode::PAM_SUCCESS == res { + Ok(item) + } else { + Err(res) + } + } + + pub fn get_rhost(&self) -> PamResult> { + let mut ptr: *const PamItemT = ptr::null(); + let (res, item) = unsafe { + let r = pam_get_item(self, PAM_RHOST, &mut ptr); + let t = if PamResultCode::PAM_SUCCESS == r && !ptr.is_null() { + let typed_ptr: *const c_char = ptr as *const c_char; + Some(CStr::from_ptr(typed_ptr).to_string_lossy().into_owned()) + } else { + None + }; + (r, t) + }; + if PamResultCode::PAM_SUCCESS == res { + Ok(item) + } else { + Err(res) + } + } } /// Provides functions that are invoked by the entrypoints generated by the