Example: in /etc/pam.d/sudo:
auth required pam_unix.so auth sufficient pam_oath.so usersfile=/etc/users.oath digits=6 try_first_pass debug By testing the login by the unix pass everything works well. By testing with the otp (xyzabc_ is the password and 123456 is the otp) i get: ~]$ sudo su Passwort: [pam_oath.c:parse_cfg(118)] called. [pam_oath.c:parse_cfg(119)] flags 32768 argc 4 [pam_oath.c:parse_cfg(121)] argv[0]=usersfile=/etc/users.oath [pam_oath.c:parse_cfg(121)] argv[1]=digits=6 [pam_oath.c:parse_cfg(121)] argv[2]=use_first_pass [pam_oath.c:parse_cfg(121)] argv[3]=debug [pam_oath.c:parse_cfg(122)] debug=1 [pam_oath.c:parse_cfg(123)] alwaysok=0 [pam_oath.c:parse_cfg(124)] try_first_pass=0 [pam_oath.c:parse_cfg(125)] use_first_pass=1 [pam_oath.c:parse_cfg(126)] usersfile=/etc/users.oath [pam_oath.c:parse_cfg(127)] digits=6 [pam_oath.c:parse_cfg(128)] window=5 [pam_oath.c:pam_sm_authenticate(157)] get user returned: jens [pam_oath.c:pam_sm_authenticate(168)] get password returned: xyzabc_123456 [pam_oath.c:pam_sm_authenticate(274)] Password: xyzabc_ [pam_oath.c:pam_sm_authenticate(292)] OTP: [pam_oath.c:pam_sm_authenticate(305)] authenticate rc -2 (OATH_INVALID_DIGITS: Unsupported number of OTP digits) last otp Mon May 30 01:00:38 2011 [pam_oath.c:pam_sm_authenticate(311)] One-time password not authorized to login as user 'jens' [pam_oath.c:pam_sm_authenticate(327)] done. [Fehler bei Authentifizierung] Sorry, try again. Passwort: the same with use_first_pass withou both try_first_pass and use_first_pass it works but i'm asked first for the unix pass and second for the otp if unix fails ???????
