[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to use libpam-otpw?

Magicloud Magiclouds wrote at 2010-12-06 18:35 -0700:
>   I installed libpam-otpw a few days ago and configured it as:
> --- /etc/ssh/sshd_config ---
> UsePrivilegeSeparation no
> ChallengeResponseAuthentication yes

> --- /etc/pam.d/sshd ---
> #@include common-auth
> auth required pam_otpw.so
> session optional pam_otpw.so

>   Now when I login, it prompt me for the one time password. But if I
> just press Enter for three times, it asks me for normal password
> again. Is this correct, or my configuration is wrong?

---- Relevent lines in my /etc/ssh/sshd_config:
PasswordAuthentication no
ChallengeResponseAuthentication yes
HostbasedAuthentication no
UsePAM yes
---- end

---- /etc/pam.d/sshd without comments:
auth       required     pam_env.so
auth       required     pam_env.so envfile=/etc/default/locale
auth    optional   pam_faildelay.so  delay=3000000
auth    [success=1 default=ignore]      pam_opie.so
auth    requisite                       pam_deny.so
auth    required                        pam_permit.so
account    required     pam_nologin.so
@include common-account
@include common-session
session    optional     pam_motd.so
session    optional     pam_mail.so standard noenv
session    required     pam_limits.so
@include common-password
---- end

This configuration seems to disable standard UNIX authentication.

Attachment: signature.asc
Description: Digital signature

Reply to: