Enable PAM module to work with VPN software (POC provided) #118
Comments
|
Comment #1 originally posted by tore.lonoy on 2011-11-12T11:14:21.000Z: If you look at line 781 in yubico's source code the relevant code for this to work is present: In line 791 they use the pam_set_item function to also return the supplied password part: Hope this is enoug information for someone to add this feature. |
|
Comment #2 originally posted by markus@google.com on 2011-12-15T08:37:41.000Z: Can you let me know, whether the "forward_pass" option that I just added is sufficient to do what you want? |
|
Comment #3 originally posted by markus@google.com on 2011-12-15T08:52:04.000Z: <empty> |
|
Comment #4 originally posted by markus@google.com on 2011-12-15T08:53:13.000Z: <empty> |
Original issue 119 created by tore.lonoy on 2011-11-11T08:27:32.000Z:
Currently google-authenticator cannot be used to authenticate with a single password that consists of the one time key and a personal password.
What I would like to do is this:
When 6. is checked with PAM, the google-authenticator will get the last 8 chars if the password provided, and validate it. If auth OK, the module will return OK and "test1234", and hand it over to the next PAM, pam_unix.so.
Yubico (http://yubico.com/) has done this with their yubikey.
The source code to their PAM module is located here: http://code.google.com/p/yubico-pam/
This would enable users to use google-authenticator with e.g. pfsense and PPTP, and just about any other PAM enabled application.
The text was updated successfully, but these errors were encountered: