pam, openssh and opie
Damien Miller
djm at mindrot.org
Sun Dec 3 11:53:36 EST 2000
On Sat, 2 Dec 2000, Harondel J. Sibble wrote:
> I can get the opie challenge only on a console (no openssh), if I
> attempt to to include the opie_pam module in the /etc/pam.d/sshd
> file, all authentication fails and no login is possible. Has
> anyone come up with any workarounds. I had previously tried to
> get s/key working, but kept bumping up against the issue of s/key
> not supporting shadow passwords and the pam s/key module is a tad
> old....
I have just committed a patch from Nalin Dahyabhai which enables PAM
to use KbdInteractive authentication, which will allow for this sort
of challenge/response stuff. It will be in tomorrow morning's snapshot.
To use it you need to add "KbdInteractiveAuthentication yes" to both
your client and server configs.
-d
--
| ``We've all heard that a million monkeys banging on | Damien Miller -
| a million typewriters will eventually reproduce the | <djm at mindrot.org>
| works of Shakespeare. Now, thanks to the Internet, /
| we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org
More information about the openssh-unix-dev
mailing list