mobile otp and pam
I hope to find some pam experts who can help me fixing this.
writes that I need to add
auth sufficient /lib/security/pam_mobile_otp.so not_set_pass
password required /lib/security/pam_mobile_otp.so debug
account required /lib/security/pam_mobile_otp.so
to my /etc/pam.d/sshd to enable authentication with a mobile
phone-based one-time-password. My question is: what do I need beside
this to make it work? Do I need a session line? It seems that I should
remove the standard password mechanisms since I want to enable login
_only_ with this mobile otp scheme.
Testing this it seemed that pam accepts the good passcode and refuses
the bad, just it does not let me in in the former case - with the
above lines only in /etc/pam.d/sshd
I use fedora but I thought I will find pam expertise here.