Am Tue, Nov 12, 2024 at 10:46:04AM -0000 schrieb seojeong kim via sssd-users: > I see this with ssh login.
Hi, ok, then this behavior you see is expected. This is a special handling for ssh since we do not know if ssh was used with 'PasswordAuthentication' or 'KbdInteractiveAuthentication' (formerly known as 'ChallengeResponseAuthentication'). In the latter the fully PAM prompting (First/Second factor) is shown to the user. In the former the ssh client always only asks for 'Password' and on the server side the user input is just send to all PAM prompts, i.e. first and second factor prompt get the same input. If pam_sss detects this case, i.e. PAM service is 'sshd' and first and second factor are the same, it is assumed that the user entered first and second factor in a single string. HTH bye, Sumit > -- > _______________________________________________ > sssd-users mailing list -- sssd-users@lists.fedorahosted.org > To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
