Hi Christoph. Quoting Christoph Pleger (2020-02-14 13:25:24) > I created a PAM configuration with the goal to make it possible that a > user can either login by inserting a smartcard into a card reader and > entering the correct PIN, or by entering the traditional UNIX > password. This is what my /etc/pam.d/common-auth looks like:
[...] > auth [success=2 default=ignore] pam_p11.so > /usr/local/lib/libcvP11.so [...] > This works nearly exactly as desired, "nearly" because though the > login with unix password works, the application shows "Login failed" > for a short time. Is there something I can change in the above file to > avoid this message? I don't know what local library it is you used, but I encourage you to consider the use of Debian packages libpam-p11 libpam-pkcs11 and libpam-poldi - or if you already considered those then share why you rejected them. ...and then I suggest check their documentation - perhaps they already cover the combination use case that you are exploring. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature