pam, openssh and opie
mouring at etoh.eviladmin.org
mouring at etoh.eviladmin.org
Sun Dec 3 20:58:06 EST 2000
On Sun, 3 Dec 2000, Damien Miller wrote:
> On Sat, 2 Dec 2000, Harondel J. Sibble wrote:
>
> > I can get the opie challenge only on a console (no openssh), if I
> > attempt to to include the opie_pam module in the /etc/pam.d/sshd
> > file, all authentication fails and no login is possible. Has
> > anyone come up with any workarounds. I had previously tried to
> > get s/key working, but kept bumping up against the issue of s/key
> > not supporting shadow passwords and the pam s/key module is a tad
> > old....
>
> I have just committed a patch from Nalin Dahyabhai which enables PAM
> to use KbdInteractive authentication, which will allow for this sort
> of challenge/response stuff. It will be in tomorrow morning's snapshot.
>
> To use it you need to add "KbdInteractiveAuthentication yes" to both
> your client and server configs.
>
Can I assume that this does not conver Protocol 1? Because I believe
KbdInteractive is just Protocol 2.
I'd love to unite some of these features a bit more. Can protocol 1
support the same concept, Markus?
- Ben
More information about the openssh-unix-dev
mailing list