On Sun, 6 Nov 2016, Olaf Marzocchi wrote:
; Hi, ; I started updating my server, therefore OpenSSH first. After that one I ; restarted the server. ; I can login with my pass but two factor authentication doesn't work anymore, ; I'm never asked for it. I've just checked one of my servers that uses 2FA and I have both sshd-kbdint and sshd at the end of pam.conf. Perhaps you need both? sshd-kbdint auth requisite pam_authtok_get.so.1 sshd-kbdint auth required pam_dhkeys.so.1 sshd-kbdint auth required pam_unix_cred.so.1 sshd-kbdint auth required pam_unix_auth.so.1 sshd-kbdint auth required /opt/CITotp/lib/pam_mobile_otp.so sshd auth requisite pam_authtok_get.so.1 sshd auth required pam_dhkeys.so.1 sshd auth required pam_unix_cred.so.1 sshd auth required pam_unix_auth.so.1 sshd auth required /opt/CITotp/lib/pam_mobile_otp.so Debug output from sshd says: debug3: /etc/ssh/sshd_config:100 setting UsePAM yes /etc/ssh/sshd_config line 100: ignoring UsePAM option value. This option is always on. debug3: PAM service is sshd-none debug3: PAM service is sshd-pubkey debug3: PAM service is sshd-kbdint -- Citrus IT Limited | +44 (0)870 199 8000 | enquir...@citrus-it.co.uk Rock House Farm | Green Moor | Wortley | Sheffield | S35 7DQ Registered in England and Wales | Company number 4899123 _______________________________________________ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss