[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OATH-toolkit-help] pam_oath with openssh problem

From: hmy
Subject: Re: [OATH-toolkit-help] pam_oath with openssh problem
Date: Fri, 21 Jan 2011 10:51:20 +0800

in the sshd_config file disable RSAAuthentication  and PubkeyAuthentication . can juse use pam authentication.
if you want use oath and rsa key ,I think you can add a libpam_rsa pam module.

On Fri, Jan 21, 2011 at 4:55 AM, Simon Josefsson <address@hidden> wrote:
Michael Stevens <address@hidden> writes:

> On Thu, Jan 20, 2011 at 09:39:08PM +0100, Simon Josefsson wrote:
>> Have you succeeded in setting it up?  Describing how to configure
>> OpenSSH/PAM for one/two-factor OATH would be really nice.
> I'm planning to blog about this when less tired, but rough summary:

Very nice!  I look forward to seeing this described in more detail.

> If there's a ssh authorized_key it seems to override password
> authenticate totally. Ideally I'd like to combine ssh keys AND OTP, but
> I haven't worked out that setup yet.

Right, if OpenSSH is using 'publickey' there is no PAM involvement at
all.  Or, well, it probably does session management via PAM, but not
authentication.  I would also like to see both publickey + OTP.  I don't
recall if this is a protocol limitation -- can the SECSH protocol use
multiple authentication methods at all?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]