Yubico Forum https://forum.yubico.com/ |
|
Prevent root password sharing https://forum.yubico.com/viewtopic.php?f=16&t=388 |
Page 1 of 1 |
Author: | xchet [ Wed Aug 26, 2009 11:52 pm ] |
Post subject: | Prevent root password sharing |
Hi All, I would like to use yubikey in my work environment to prevent the root password sharing. I have successfully configured sshd to accept password+yubikey. Is it possible to allow passwd+yubikey to certain authorized users and rest can ssh login with their passwords? Also, has anyone configured PAM for su and sudo with yubikey so that if anyone does a "su -" should also use pawwd+yubikey. Thanks. Chet |
Author: | msvilp [ Thu Aug 27, 2009 9:51 am ] |
Post subject: | Re: Prevent root password sharing |
You can configure su or sudo by placing appropriate rules in /etc/pam.d/su or /etc/pam.d/sudo. (This is in Debian or Ubuntu. Configuration files might be different in other distros.) Requiring passwd+YubiKey for some users while allowing password-only login on others is a different matter, and not a trivial one. I have just written about these kind of setups here, but I'm not sure yet if it will work out. |
Page 1 of 1 | All times are UTC + 1 hour |
Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |