Re: [QUESTION] Securing ssh by account

2016-02-26T03:18:29+01:00

You may want to look at AuthenticationMethods in sshd_config. You might be able to set something like:

Code:

password,pam password

Which should theoretically allow either login with either password chained with PAM or password only. I've not done any setup like this so it's little more than a guess at something that might help.

Statistics: Posted by velosol — Fri Feb 26, 2016 3:18 am

[QUESTION] Securing ssh by account

2016-01-19T05:42:32+01:00

Hi, first time poster here, long time Yubikey user.

I've had my hosted server setup for quite some time with pam_yubico set as required. Tonight, I gave a friend an account on the server so she could host her site. I changed the module so it is now sufficient, which allows her to login without a Yubikey. But I want my account to still require one.

Is there some way to configure ssh to prompt for my OTP (and validate it against YubiCloud) while keeping the pam module set to sufficient?

Statistics: Posted by Speeddymon — Tue Jan 19, 2016 5:42 am

Yubico Forum

Re: [QUESTION] Securing ssh by account

[QUESTION] Securing ssh by account