[SOLVED] Re: openssh, pam and debian: how to configure ssh to use custom pam authentication module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Problem solved. All I had to do was to
enable ChallengeResponseAuthentication,
disable PasswordAuthentication and set UsePAM to yes.

On Sun, Mar 15, 2009 at 12:19 PM, Angelin Lalev <lalev.angelin@xxxxxxxxx> wrote:
> Hi,
>
> I want to install Debian "Lenny" server to be used from my students
> from the computer labs of my university.
> The labs have quite regularly monitored network infrastructure with
> switches which support mac access lists.
> Together with ssh that makes possibility of man in the middle and
> eavesdropping attacks quite negligible.
> Unfortunately, the main danger in the labs comes from the quite
> liberal access to the operating system,
> given to the students, which doesn't prevent effectively enough
> installation of key loggers and trojaned versions
> of some programs.
>
> That's why I was thinking about using one-time password authentication
> for my server (along with say write protected
> usb flash with ssh client written on).
>
> Directed by some postings on Debian mailing lists I found otpw package
> and made it work for regular
> logins by adding one simple line to pam.d confguration files.
>
> auth    sufficient    pam_otpw.so
>
> The problem is that no mather what pam.d file for sshd service says,
> the sshd displays regular password
> prompt at login instead of the "Enter password No XXX" which is needed
> for pam_otpw.so to work properly.
>
> There were some suggestions on the mailing lists how to deal with that
> very problem on openssh 3.x,
> but the modern version of openssh says the suggested options are depreciated.
>
> Which is the way to invoke the proper authentication scheme in modern
> versions of openssh?
>


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux