Yubico Forum
https://forum.yubico.com/

can't get pam_yubico to work for me (local auth server)
https://forum.yubico.com/viewtopic.php?f=23&t=1136

Author:  mdwuznik [ Sun Aug 18, 2013 3:08 am ]
Post subject:  can't get pam_yubico to work for me (local auth server)

Hi,

I have set up a test rig of a Debian 7 Hyper-V machine and have set up an auth server on localhost.

Judging by

wget -q -O - http://localhost:8000/wsapi/2.0/verify?otp=<otp>
h=
t=2013-08-18T03:43:11.248Z
otp=<otp>
nonce=
sl=100
status=OK

the auth server is alive and kicking.

(configured with my own values for OTP, disconnected from Yubico itself)

As the machine is a Hyper-V guest (so, no support for 'transplugging' the YubiKey connected to the host to the guest system),
I wonder how I would proceed with PAM auth for SSH (for a start, I'm also going to use YubiKeys to log in to this particular machine).
The traditional way (challenge-response) requires plugging the YubiKey into the machine for config (ykpersonalize, ykpamcfg).

Hence I am trying to configure PAM for pam_yubico.so,
putting:
auth required pam_yubico.so debug authfile=/etc/yubiauth url:http://localhost:8000/wsapi/2.0/verify?otp=%s


yubiauth file contains:
tester:<12firstmodhexcharsofotp>

Unfortunately, when trying ssh for user tester I get a Permission denied message,
no matter whether I enter the password of the user or the OTP.

Could you tell me whether that's a problem with the auth server config or the PAM config?

Thanks
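
An offline check that separates the two failure domains asked about above (the validation server's reply versus the user-to-token mapping in the authfile), added here as an example and not taken from the thread or from Yubico's code. It assumes the default 44-character OTP with a 12-character public ID and the user:id authfile layout shown in the post; the function names and sample values are constructed.

```python
MODHEX = set("cbdefghijklnrtuv")  # modhex alphabet used by Yubico OTPs
PUBLIC_ID_LEN = 12                # assumed: default public ID length
OTP_LEN = 44                      # assumed: 12-char public ID + 32-char encrypted part

# Constructed sample data, shaped like the wget output in the post.
SAMPLE_OTP = "ccccccbdefgh" + "ijklnrtuvcbdefgh" * 2
SAMPLE_RESPONSE = ("h=\nt=2013-08-18T03:43:11.248Z\notp=%s\n"
                   "nonce=\nsl=100\nstatus=OK\n" % SAMPLE_OTP)

def parse_verify_response(body):
    """Parse the key=value lines returned by /wsapi/2.0/verify."""
    fields = {}
    for line in body.splitlines():
        # Split on the first '=' only: the h= value is base64 and may contain '='.
        key, sep, value = line.strip().partition("=")
        if sep:
            fields[key] = value
    return fields

def parse_authfile(text):
    """Return {user: [public ids]} from 'user:id1:id2' lines."""
    mapping = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        user, *ids = line.strip().split(":")
        mapping.setdefault(user, []).extend(i for i in ids if i)
    return mapping

def diagnose(user, otp, response_body, authfile_text):
    """Return a list of problems; an empty list means reply and mapping agree."""
    problems = []
    if len(otp) != OTP_LEN or not set(otp) <= MODHEX:
        problems.append("otp is not 44 modhex characters")
    fields = parse_verify_response(response_body)
    if fields.get("status") != "OK":
        problems.append("server status is %r" % fields.get("status"))
    if fields.get("otp") != otp:
        problems.append("server did not echo the submitted otp")
    ids = parse_authfile(authfile_text).get(user, [])
    if not ids:
        problems.append("no authfile entry for user %r" % user)
    elif otp[:PUBLIC_ID_LEN] not in ids:
        problems.append("otp public id not mapped to user")
    for i in ids:
        if len(i) != PUBLIC_ID_LEN or not set(i) <= MODHEX:
            problems.append("malformed public id %r" % i)
    return problems
```

An empty result only shows that the server reply and the authfile agree for that OTP; it does not exercise the PAM stack or sshd settings.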

Author:  Tom [ Mon Aug 19, 2013 9:18 am ]
Post subject:  Re: can't get pam_yubico to work for me (local auth server)

Hello,

There are numerous threads about PAM in the forum.

Please read this full thread and check if the guide posted at the bottom is of any help to you.

viewtopic.php?f=23&t=822&start=10

All times are UTC + 1 hour