I'm going to setup 2 factor authentication for my database server. I'm
using PostgreSQL 9.4 DBMS on Ubuntu 14.10. I need to force two
authentication methods for my database server. The authentication can
use password and USB device methods.
I already installed pamusb pakages :
sudo apt-get install pamusb-tools libpam-usb
Although I can add devices on my pamusb config file :
pamusb-conf --add-device MyDevice
I should define pamusb users and authentication methods.
I added this lines to pamusb config between <users> tags :
<user id="postgres">
<device>MyDevice</device>
</user>
I also create new pam module in \etc\pam.d directory with the name "mypam" :
auth required pam_usb.so
auth include password-auth
account include password-auth
and I edited Postgresql pg_hba.conf file:
local all all pam mypam
host all all 127.0.0.1/32 pam mypam
host all all ::1/128 pam mypam
but it doesn't work, can you please help me on this?
