On Wed, 9 Mar 2022, Blumenthal, Uri - 0553 - MITLL wrote: > > > I don't understand what you said. Does the cloud service > >authenticate the user, or does it not??? > > > > err, missed a word - it does not > > In that case, what about this. > > From https://developers.yubico.com/yubico-pam/, description of the PAM > module parameters: > > mode: Mode of operation. Use "client" for online validation > with a YubiKey validation service such as the YubiCloud, or use > "challenge-response" for offline validation using YubiKeys with > HMAC-SHA-1 Challenge-Response configurations. See the man-page > ykpamcfg(1) for further details on how to configure offline > Challenge-Response validation. I assumed we were talking about the PAM module that apparently created the situation that started this thread, i.e. https://github.com/google/google-authenticator-libpam and not the Yubico one. -d _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
