On 23.11.2016 02:03 PM, swizz ly wrote: > Thanks for the update. I tried it, it works nicely, many thanks! However, > there > is a small thing: the user has to be aware that the "Password:" in the first > window is ignored and has nothing to do with the two factor authentication, > only > in the pop-up window with the "Verification code:" should he/she enter the > two-factor passcode. It might be somewhat confusing for the first time. As a > small suggestion, I would either use the input from the "Password:" field even > for the two-factor passcode, or in the pop-up window I would directly copy the > prompt from the SSH session, in this case "Enter PASSCODE:" instead of > "Verification code:".
I think that's the way PAM works. Isn't the idea of 2FA to use both the password and a challenge auth token? Users will need to supply their password anyway, so I don't see the problem at hand currently. Do we get two windows, one for the password (or private key passphrase) and one for the verification code, EVEN THOUGH the password/private key passphrase has been set directly in the session config or via an SSH agent? Copying the prompt actually sounds like a good idea, though, yeah. Mihai
signature.asc
Description: OpenPGP digital signature
_______________________________________________ x2go-user mailing list [email protected] http://lists.x2go.org/listinfo/x2go-user
