Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 7:10 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 2 posts ] 
Author Message
PostPosted: Fri Jul 25, 2008 10:22 pm 
Offline

Joined: Fri May 09, 2008 8:00 am
Posts: 9
Again sorry just wondering if any one could help...

This is taken from http://code.google.com/p/yubico-pam/issues/detail?id=7

Quote:
Reported by timm.tem, May 08, 2008
Simon
It would be great if we could use the Yubikey to do Two-factor legacy
Username + password + YubiKey in exactly the same fashion it works on the
website http://www.yubico.com/demo/index.php.
As currently with the way PAM works anyone who has my key can login to my
server
Thank you
Tim

Comment 1 by dion.rowney, Jun 09, 2008
I am currently try to work on this, however I find myself bringing in the entire
pam_unix module... Is there a better way to avoid code duplication?
Or can my pam_yubico module call the pam_unix module from within?

Comment 2 by kittypee, Jun 13, 2008
This can be done simply by stacking the pam modules separately.
auth required pam_unix.so ...
auth required pam_yubikey.so ...
This causes pam to require both modules to be run, and both must pass. Although this solution again would
require that bug #4 be fixed.

Comment 3 by dion.rowney, Jun 16, 2008
It seems that ssh only will prompt for a password regardless and does not give
multiple methods.


kittypee says that you can stack pam modules which does prompt for Yubikey and Password but putty fails saying Network Error: Software causes connection abort

The extract from my /etc/pam.d/ssh

Code:
auth       required     pam_yubico.so id=16 debug
auth       required     pam_env.so # [1]
auth       required     pam_env.so envfile=/etc/default/locale


Any help again would be greatfully appreciated

Thank you again in advanced

Tim


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Sep 02, 2008 10:25 am 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
Have you configured SSH to use PAM? It doesn't by default, I think.

/Simon


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group