[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Additional input (second password) during login



On Tuesday 09 December 2003 07:53, Tobias Schaefer wrote:
> > > I wonder if it's possible to fiddle with PAM to allow for conditional
> > > input of an additional password. I would e.g. like ssh login to do an
> > > extra prompt for an one time password if the user logs in from a
> > > non-internal network.
> >
> > Hi,
> >
> > Sure, one just needs to configure pam.conf (or app.conf) to use other
> > modules of authentication as well, such as:
>
> It's not that easy: In case of ssh you configure pam for sshd on the
> server machine. But you communicate the password to the client program
> ssh. Since there is no generic communication mechanism between client and
> server you cannot present arbitrary questions to the user. You are
> constrained by the ssh-protocol between client and server. And that does
> allow for one password.

Oh, really. I've just seen in a sample here, I was mistakenly wondering that 
the conversation mechanism could do that. 

Thanks,
Lucas




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]