Date: Wed, 09 Jul 2003 01:17:56 +0200 From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: Brendan Bank <brendan@gnarst.net> Cc: freebsd-security@freebsd.org Subject: Re: Problems with the pam_opieaccess PAM module Message-ID: <xzpisqc8v6j.fsf@dwp.des.no> In-Reply-To: <200306271448.h5REmfOc054525@banzai.gnarst.net> (Brendan Bank's message of "Fri, 27 Jun 2003 16:48:41 %2B0200") References: <200306271448.h5REmfOc054525@banzai.gnarst.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Brendan Bank <brendan@gnarst.net> writes: > And in /etc/pam.conf I added: > > sshd auth required pam_opie.so > sshd auth requisite pam_opieaccess.so > sshd auth required /usr/lib/pam_krb5.so.1 try_first_pass f= orwardable Where in /etc/pam.conf? There are already sshd lines in pam.conf, and things may not work as you expect if you merely added your lines rather than replace what was already there. BTW, I use the following: root@flood ~# grep sshd /etc/pam.conf #sshd auth sufficient pam_skey.so sshd auth sufficient pam_opie.so no_fake_pro= mpts sshd auth requisite pam_opieaccess.so #sshd auth sufficient pam_kerberosIV.so try_first_p= ass #sshd auth sufficient pam_krb5.so try_first_p= ass sshd auth required pam_unix.so try_first_p= ass sshd account required pam_unix.so sshd password required pam_permit.so sshd session required pam_permit.so and it works perfectly. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpisqc8v6j.fsf>