Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 11:48 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Tue Nov 23, 2010 9:37 am 
Offline

Joined: Tue Nov 23, 2010 9:28 am
Posts: 2
I just finished configuring SSH on my Ubuntu 10.10 64bit desktop to use my Yubikey via PAM. This is tested and working.

I regularly connect to this machine using NoMachine, and it is running the Neatx server. This was installed using these instructions:
http://www.ubuntugeek.com/how-to-instal ... -lynx.html

I assumed that once SSH was using my Yubikey that NoMachine would also require my Yubikey. They both use port 22, and I thought that NoMachine was tunneling through SSH. Apparently I'm wrong somehow. SSH required me to enter my password + yubikey OTP; however, NoMachine only works with my password. It's as if I never configured the Yubikey. If I enter the OTP, my login fails. If I enter just my password, it works.

I would appreciate any hints or information to get NoMachine/Neatx to require my Yubikey OTP. Thanks!


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Nov 24, 2010 5:28 am 
Offline

Joined: Tue Nov 23, 2010 9:28 am
Posts: 2
I found this information on user authentication in NX:
http://www.nomachine.com/ar/view.php?ar_id=AR02C00150

From the article:
---
To verify the password, NX will submit the user's credentials to the SSH subsystem. If SSH guarantees the access, then NX will allow the user to enter the session.
---

It seems like NX should be authenticating using the yubikey if SSH is. I'd appreciate any help or input.


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 30, 2010 12:08 pm 
Offline

Joined: Thu Dec 30, 2010 12:07 pm
Posts: 2
Did you find a solution for this?


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 30, 2010 1:05 pm 
Offline

Joined: Thu Dec 30, 2010 12:07 pm
Posts: 2
Never mind, I found a solution already! It seems that Nomachine expects the password prompt to be
Quote:
Password:
and not
Quote:
Yubikey `$USERNAME`:
So I modified the source of pam_yubikey.c a little, and voila, it's working!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group