Yubico Forum

I'm having issues with trying to do SSH sessions with my Yubikey as a two factor authorization. When I use it without the key field for pam_yubico.so, it works fine. However, when I put the secret API key that I have generated for it, it fails with the server signature being invalid (BAD_SERVER_SIGNATURE) according to the debug log output.

I have a few questions: is the API key needed for this, and if so, for what? Additionally, if there are pluses and equals in my API key, should I convert that to a URL friendly format?

I'm also using this on Raspberry Pi 2 with Raspbian.

Here is the PAM line I use at the top of my pam.d/sshd file (key removed)

it should look something like this, the API key is base 64 encoded don't have to touch it:

root@vendetta:/etc/pam.d# cat yubi-auth
auth sufficient pam_yubico.so id=123456 key=2bD7GmNwNmJv3mKKazuumqTdTrM= authfile=/etc/ssh/yubikey_mappings url=https://api.yubico.com/wsapi/2.0/verify?id=%d&otp=%s debug