Does a known security issue allow ssh login via system accounts?
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Thu Mar 10 01:56:30 AEDT 2022
> I assumed we were talking about the PAM module that apparently created
> the situation that started this thread, i.e.
> https://github.com/google/google-authenticator-libpam and not the
> Yubico one.
My fault - did not realize what PAM module the OP was having a problem with.
> 2022-03-07 [W.B.]: Found the culprit: me. . . install and configure for
> libpam-google-auth, given a company mandate to 2FA all connections
> with admin access, . . .
> 2022-03-07 [M.S.] That's a nice thing about pam_yubico with real
> Yubikeys: they can be validated against the Yubico cloud API,
> without any local secrets.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20220309/d860a8a3/attachment-0001.p7s>
More information about the openssh-unix-dev
mailing list