On Mon, 7 Mar 2022, Whit Blauvelt wrote: > On Tue, 03/01/22, 2022 at 09:45:04AM +1100, Damien Miller wrote: > > > It sounds like you have already verified that your PAM configuration was > > not tampered with, so that removes one possibility. Reviewing the Ubuntu > > PAM configurations and the patches they apply to sshd seem to be prudent > > next steps. > > Found the culprit: me. I was stupid enough to install and configure for > libpam-google-auth, given a company mandate to 2FA all connections with > admin access, where it wasn't in scope to add 2FA to all client accounts. If > there's existing documentation anywhere on how dangerous this is, it's not > in libpam-google-auth's own docs, nor in the recipes scattered across the > net. (off-list) If you're able to share details of what went wrong, then please let me know and I'll make sure they get back to the developers of this module. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev