Dear Debian maintainer, On Tuesday, January 10, 2012, I notified you of the beginning of a review process concerning debconf templates for yubico-pam. The debian-l10n-english contributors have now reviewed these templates, and the final proposed changes are attached to this update to the original bug report. Please review the suggested changes, and if you have any objections, let me know in the next 3 days. However, please try to avoid uploading yubico-pam with these changes right now. The second phase of this process will begin on Tuesday, January 17, 2012, when I will coordinate updates to translations of debconf templates. The existing translators will be notified of the changes: they will receive an updated PO file for their language. Simultaneously, a general call for new translations will be sent to the debian-i18n mailing list. Both these calls for translations will request updates to be sent as individual bug reports. That will probably trigger a lot of bug reports against your package, but these should be easier to deal with. The call for translation updates and new translations will run until about Tuesday, February 07, 2012. Please avoid uploading a package with fixed or changed debconf templates and/or translation updates in the meantime. Of course, other changes are safe. Please note that this is an approximative delay, which depends on my own availability to process this work and is influenced by the fact that I simultaneously work on many packages. Around Wednesday, February 08, 2012, I will contact you again and will send a final patch summarizing all the updates (changes to debconf templates, updates to debconf translations and new debconf translations). Again, thanks for your attention and cooperation. --
# These templates have been reviewed by the debian-l10n-english # team # # If modifications/additions/rewording are needed, please ask # debian-l10n-english@lists.debian.org for advice. # # Even minor modifications require translation updates and such # changes should be coordinated with translators and reviewers. Template: libpam-yubico/module_args Type: string Default: mode=client try_first_pass id=N key=K _Description: Parameters for Yubico PAM: The Yubico PAM module supports two modes of operation: online validation of YubiKey OTPs or offline validation of YubiKey HMAC-SHA-1 responses to challenges. . The default is online validation, and for that to work you need to get a free API key at https://upgrade.yubico.com/getapikey/ and enter the key id as "id=NNNN" and the base64 secret as "key=...". . All the available parameters for the Yubico PAM module are described in /usr/share/doc/libpam-yubico/README.gz. To avoid accidental lock-outs the module will not be active until it is enabled with the "pam-auth-update" command.
Source: yubico-pam
Maintainer: Yubico Open Source Maintainers <ossmaint@yubico.com>
Uploaders: Fredrik Thulin <fredrik@yubico.com>, Simon Josefsson <simon@josefsson.org>
Section: admin
Priority: optional
Build-Depends: debhelper (>= 8),
po-debconf,
pkg-config,
cdbs,
libykclient-dev (>= 2.4),
libpam0g-dev,
libldap2-dev,
libykpers-1-dev (>= 1.5.2),
libyubikey-dev
Standards-Version: 3.9.2
Homepage: http://code.google.com/p/yubico-pam/
DM-Upload-Allowed: yes
Package: libpam-yubico
Architecture: any
Depends: libpam-runtime (>= 1.0.1-6~),
libykclient3 (>= 2.4),
libldap-2.4-2,
libykpers-1-1 (>= 1.5.2),
debconf | debconf-2.0,
${shlibs:Depends},
${misc:Depends}
Description: two-factor password and Yubikey OTP PAM module
This package provides the Yubico PAM module. It enables the use of
two-factor authentication, with existing logins and passwords plus
a YubiKey One-Time Password that is validated against an online
validation service. The default is the free YubiCloud, but it is easy
to set up a custom service.
.
A second mode of operation is available using the YubiKey's HMAC-SHA-1
Challenge-Response functionality. This allows for offline validation
using a YubiKey, for example on a laptop computer. However, this only
works for local logins, not for instance SSH logins.
--- yubico-pam.old/debian/libpam-yubico.templates 2012-01-06 08:20:50.146163927 +0100
+++ yubico-pam/debian/libpam-yubico.templates 2012-01-14 08:24:25.887008629 +0100
@@ -1,20 +1,25 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# debian-l10n-english@lists.debian.org for advice.
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: libpam-yubico/module_args
Type: string
Default: mode=client try_first_pass id=N key=K
_Description: Parameters for Yubico PAM:
- The Yubico PAM module supports two modes of operation - online
+ The Yubico PAM module supports two modes of operation: online
validation of YubiKey OTPs or offline validation of YubiKey HMAC-SHA-1
responses to challenges.
.
The default is online validation, and for that to work you need to get
- an API key (they are free) at https://upgrade.yubico.com/getapikey/ and
+ a free API key at https://upgrade.yubico.com/getapikey/ and
enter the key id as "id=NNNN" and the base64 secret as "key=...".
.
All the available parameters for the Yubico PAM module are described
- in /usr/share/doc/libpam-yubico/README.gz.
-
-Template: libpam-yubico/disabled_by_default
-Type: note
-_Description: Yubico PAM module disabled by default
- To avoid locking anyone out of their system, the Yubico PAM module is
- not activated by default. Use the program `pam-auth-update' to enable it.
+ in /usr/share/doc/libpam-yubico/README.gz. To avoid accidental
+ lock-outs the module will not be active until it is enabled with the
+ "pam-auth-update" command.
--- yubico-pam.old/debian/control 2012-01-06 08:20:50.146163927 +0100
+++ yubico-pam/debian/control 2012-01-11 07:07:20.263327120 +0100
@@ -25,16 +25,14 @@
debconf | debconf-2.0,
${shlibs:Depends},
${misc:Depends}
-Description: Yubico two-factor password+OTP (YubiKey) PAM module
- This is the Yubico PAM module. It enables you to set up your system to
- require two-factor authentication with your normal username and password
- and a YubiKey OTP that is validated against an online validation service.
+Description: two-factor password and Yubikey OTP PAM module
+ This package provides the Yubico PAM module. It enables the use of
+ two-factor authentication, with existing logins and passwords plus
+ a YubiKey One-Time Password that is validated against an online
+ validation service. The default is the free YubiCloud, but it is easy
+ to set up a custom service.
.
- The default validation service is the free YubiCloud, but you can easily
- set up and use your own validation service.
- .
- A second mode of operation is available using the YubiKeys HMAC-SHA-1
- Challenge-Response functionality. Using this mode, you can accomplish
- offline validation using a YubiKey, for example on a laptop computer.
- This only works for local logins though, and not for logging in using
- for example SSH.
+ A second mode of operation is available using the YubiKey's HMAC-SHA-1
+ Challenge-Response functionality. This allows for offline validation
+ using a YubiKey, for example on a laptop computer. However, this only
+ works for local logins, not for instance SSH logins.
Attachment:
signature.asc
Description: Digital signature