On 10/24/13 21:30, Otto Moerbeek wrote:
On Thu, Oct 24, 2013 at 07:44:27PM +0200, Daniel Hartmeier wrote:
On Thu, Oct 24, 2013 at 03:07:19PM +0200, Pieter Verberne wrote:
-r--r----- 1 root auth 33 Oct 24 14:47 pieter.key
-r--r----- 1 root auth 10 Oct 24 14:47 pieter.uid
Your uid file looks too small, it's usually 13 bytes, with 12 hex digits
and a newline (optional).
# /usr/libexec/auth/login_yubikey -d -s login pieter
Password:
reject
authlog:
Oct 24 14:52:51 lilium login_yubikey: user pieter: fdopen: Bad file
descriptor
Oct 24 14:53:08 lilium login_yubikey: user pieter: reject
The first error must be from a different invokation. If you get the
Password: prompt, that error condition is already passed.
Daniel
iirc bsd auth helpers expect an open fd 3 to read a challenge. They
are not meant to be run directly from the command line.
That's what -d is for. Without -d, you get the first error message
though, as then you expect fd3 to be open. :-)
/Alexander
