Hello, I'm going to create two factor authentication for pgadmin server... I'm using postgresql 9.4 with pgadmin III on Linux Mint 17.2 32bit... I already have 1 password authentication but For better security, I just want to force 2 of them. The authentication factors could be any things(what user has,what user knows,where user is or what user is). for example: The first factor is "password(what user knows)" and the second is "USB device(what user has)". I need to force Postgresql to check both for authenticate user and connect him to the server. I send you a screenshot from pgAdmin server authenticate screen and I'm going to implement 2 factor authentication for this. I not talking about OS authentication. All authenticate operation should operate from Postgresql.
I already try this for login into pgAdmin through password and USB: I installed pamusb pakages : sudo apt-get install pamusb-tools libpam-usb Although I can add devices on my pamusb config file : pamusb-conf --add-device MyDevice and I can define pamusb users. I added this lines to pamusb config between <users> tags : <user id="postgres"> <device>MyDevice</device> </user> My guess : I think I should write module in /etc/pam.d and edit pg_hba.conf file to define login method for local users : local all all pam pamservice=mypam but I don't know how to write module to force both authentication methods for this(both are required). Any help would be appreciated...
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
