[OATH-Toolkit-help] Wrong users file format?

oath-toolkit-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OATH-Toolkit-help] Wrong users file format?

From:	Jakub Mikusek
Subject:	[OATH-Toolkit-help] Wrong users file format?
Date:	Fri, 3 Jun 2011 17:05:43 +0200

Gents,

I've been having quite hard time trying to make libpam_oath work - I keep 
getting "rc -12" error (user not found) - the /etc/users.oath file format I 
ripped off from the wiki.
If anyone could give me a hint what I might have missed that would be awesome - 
thanks in advance!

Best regards,
J.

My current setup:
Ubuntu 10.04 Lucix x86

/etc/pam.d/su:
auth       sufficient pam_rootok.so
auth       sufficient pam_oath.so usersfile=/etc/users.oath window=10 digits=8 
debug
session       required   pam_env.so readenv=1
session       required   pam_env.so readenv=1 envfile=/etc/default/locale
session    optional   pam_mail.so nopen
@include common-auth
@include common-account
@include common-session

/etc/users.oath
TOTP/T60 root - f6817671cddc98fa5e0dc399941686720681f0ff
TOTP/T60 j.mikusek - f6817671cddc98fa5e0dc399941686720681f0ff

And below output from the 'su' command:

: address@hidden:~$ ;su
[pam_oath.c:parse_cfg(118)] called.
[pam_oath.c:parse_cfg(119)] flags 0 argc 4
[pam_oath.c:parse_cfg(121)] argv[0]=usersfile=/etc/users.oath
[pam_oath.c:parse_cfg(121)] argv[1]=window=10
[pam_oath.c:parse_cfg(121)] argv[2]=digits=8
[pam_oath.c:parse_cfg(121)] argv[3]=debug
[pam_oath.c:parse_cfg(122)] debug=1
[pam_oath.c:parse_cfg(123)] alwaysok=0
[pam_oath.c:parse_cfg(124)] try_first_pass=0
[pam_oath.c:parse_cfg(125)] use_first_pass=0
[pam_oath.c:parse_cfg(126)] usersfile=/etc/users.oath
[pam_oath.c:parse_cfg(127)] digits=8
[pam_oath.c:parse_cfg(128)] window=10
[pam_oath.c:pam_sm_authenticate(157)] get user returned: root
One-time password (OATH) for `root': 
[pam_oath.c:pam_sm_authenticate(232)] conv returned: 05261958
[pam_oath.c:pam_sm_authenticate(292)] OTP: 05261958
[pam_oath.c:pam_sm_authenticate(303)] authenticate rc -12 last otp Thu Jan  1 
01:00:00 1970

[pam_oath.c:pam_sm_authenticate(309)] One-time password not authorized to login 
as user 'root'
[pam_oath.c:pam_sm_authenticate(325)] done. [Authentication failure]
Password: 
su: Authentication failure
: address@hidden:~$ ;

[Prev in Thread]

Current Thread

[Next in Thread]

[OATH-Toolkit-help] Wrong users file format?, Jakub Mikusek <=

Prev by Date: [OATH-Toolkit-help] Is this possible to setup our own token server?
Next by Date: Re: [OATH-Toolkit-help] oath-toolkit-help Digest, Vol 9, Issue 2
Previous by thread: [OATH-Toolkit-help] Is this possible to setup our own token server?
Next by thread: Re: [OATH-Toolkit-help] oath-toolkit-help Digest, Vol 9, Issue 2
Index(es):
- Date
- Thread