[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

OTP (opie) and ssh


I just set up libpam-opie and it works quite well from the console as
well as with ssh. Unfortunatly it does not show wich OTPasswd it expects
with ssh login but this is another story.

In order to get it working I had to change /etc/pam.d/ssh from:
| auth       required     pam_nologin.so
| auth       required     pam_unix.so
| auth       required     pam_env.so # [1]


| auth       required     pam_nologin.so
| auth       required     pam_env.so # [1]
| auth       sufficient   pam_unix.so
| auth       sufficient   pam_opie.so
| auth       required     pam_deny.so

Note that I moved pam_env up before unix and opie so that it always is
required. I also added pam_deny as shown in README.Debian as the final
catch rule and set unix and opie to sufficient.

Did I just open a big root shell on port 22 saying in big flashing yellow
letters 'USE ME', or is everything ok? Any suggestions what I might/should


PGP encrypted messages preferred.
[please CC me on lists]

Attachment: pgpdN1t1qC54d.pgp
Description: PGP signature

Reply to: