Challenge response authentication and PAM

Nigel Metheringham Nigel.Metheringham at
Thu Mar 22 20:28:13 EST 2001

Hi Damien,

djm at said:
> ChallengeResponseAuthentication yes
> in the server config and
> Protocol 2 
> PreferredAuthentications publickey, keyboard-interactive, password
> in the client config. 

I must have expressed my question wrongly so getting you to grab the 
wrong end of the stick :-)

I have the openssh part of the configuration apparently correct, and 
when I ssh to an appropriately set up account I get
  % ssh host

If I put the right response in it logs me in quite happily.  However I 
am not getting the Challenge displayed to me.... which could well be 
down to the PAM module implementation as all the pam_opie modules I see 
appear to be quick hacks from people feeling their way round the PAM 

Anyone got a fully working pam_opie/pam_skey implementation they wish 
to point me at?


[ Nigel Metheringham           Nigel.Metheringham at ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]
[ - Comments in this message are my own and not ITO opinion/policy - ]

More information about the openssh-unix-dev mailing list