[Bug 3303] Request Match block accommodation for 2FA sshd_config
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Apr 28 03:50:56 AEST 2021
https://bugzilla.mindrot.org/show_bug.cgi?id=3303
--- Comment #2 from Meryll <alwanza at yahoo.com> ---
Darren - thank you for your response. It was worth a try... but didn't
seem to solve my issue.
KbdInteractiveAuthentication was an accepted directive both within the
sshd_config file and the Match block.
When I substituted KbdInteractiveAuthentication for
ChallengeResponseAuthentication, I was no longer prompted for my
"Verification Code" at login. After entering the passphrase associated
with my public key I was prompted for a "password" and nothing I
entered (password, passphrase, nor authentication code) was accepted,
so I was effectively locked out.
When I reenabled ChallengeResponseAuthentication with
KbdInteractiveAuthentication, there was no change from the original
behavior I described.
My openssh version is 8.0 (on CentOS 8.3.2011). I am using Google
Authenticator as my 2FA.
Did I miss a step?
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list