On Tue, Feb 4, 2014 at 2:12 PM, Daniel Schmidt <daniel.schm...@wyo.gov>wrote:
> Please forgive the intrusion on a dev list, I didn't see any user list. I
> was wondering if anybody might be able to assist in the following issue.
>
> The following pam config attempts dual factor auth:
>
> auth requisite pam_google_authenticator.so
> secret=/home/${USER}/.google_authenticator forward_pass
> auth required pam_python.so /lib/security/pam_google.py -c
> /etc/pam_google.conf use_first_pass
> account required pam_permit.so
>
> Works quite well from "pamtester xrdp-sesman daniel.schmidt authenticate"
>
> However, gives an error when tried from actual rdp:
>
> xrdp-sesman(pam_google_authenticator)[3919]: No user name available when
> checking verification code
>
> Of course, it worked fine with default common pam_unix.so. Any advice
> would be greatly appreciated.
>
> Thanks,
> -Daniel
>
>
Looks fine to me, not to mention that it works fine with pamtester. I
can't figure out why it fails with xrdp. Ideas? thkx
static const char *get_user_name(pam_handle_t *pamh) {
// Obtain the user's name
const char *username;
if (pam_get_item(pamh, PAM_USER, (void *)&username) != PAM_SUCCESS ||
!username || !*username) {
log_message(LOG_ERR, pamh,
"No user name available when checking verification code");
return NULL;
}
return username;
}
E-Mail to and from me, in connection with the transaction
of public business, is subject to the Wyoming Public Records
Act and may be disclosed to third parties.
------------------------------------------------------------------------------
Managing the Performance of Cloud-Based Applications
Take advantage of what the Cloud has to offer - Avoid Common Pitfalls.
Read the Whitepaper.
http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk
_______________________________________________
xrdp-devel mailing list
xrdp-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xrdp-devel
