Yubikey authentication

Deployment

libtool

Patch per user: https://git.alt.tf/snippets/3

FIXME After each login the per user file is owned by root:root.

/etc/pam.d/common-auth

auth  [success=3 default=ignore]  pam_unix.so nullok_secure                          
auth  [success=2 default=ignore]  pam_ldap.so use_first_pass
auth  [success=1 default=ignore]  pam_hotp.so peruser usersfile=.hotp window=10 digits=8 use_first_pass
auth  requisite                   pam_deny.so
auth  required                    pam_permit.so

Usage

  • sysadmin/yubikey.txt
  • Last modified: 2016/03/02 16:16
  • by Benjamin Collet