| Yubico Forum https://forum.yubico.com/ |
|
| PAM + Dovecot problem https://forum.yubico.com/viewtopic.php?f=23&t=2514 |
Page 1 of 1 |
| Author: | plum [ Mon Jan 02, 2017 2:46 pm ] |
| Post subject: | PAM + Dovecot problem |
I have set up pam SSH authentication using yubikey-pam lib and for SSH it works fine (and for sudo too). Since pam module is called by pam-common, yunikey auth is also required for accessing IMAP account and I can't get this to work. The IMAP server is dovecot (debian) and pam-yubikey logs show that there's curl error: Code: Jan 2 14:33:36 vps dovecot: auth-worker: Error: [../pam_yubico.c:pam_sm_authenticate(990)] Skipping first 9 bytes. Length is 53, token_id set to 12 and token OTP always 32. Jan 2 14:33:36 vps dovecot: auth-worker: Error: [../pam_yubico.c:pam_sm_authenticate(997)] OTP: REDACTED ID: REDACTED Jan 2 14:33:36 vps dovecot: auth-worker: Error: [../pam_yubico.c:pam_sm_authenticate(1012)] Extracted a probable system password entered before the OTP - setting item PAM_AUTHTOK Jan 2 14:33:36 vps dovecot: auth-worker: Error: [../pam_yubico.c:pam_sm_authenticate(1028)] ykclient return value (109): Error performing curl Jan 2 14:33:36 vps dovecot: auth-worker: Error: [../pam_yubico.c:pam_sm_authenticate(1091)] done. [Authentication service cannot retrieve authentication info] I tried giving both dovecot users real shell (system dovecot accounts have /bin/false as shell) but it doesn't work. I'm out of ideas. |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|