LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-16-2010, 06:17 AM   #1
boblikeslinux
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Rep: Reputation: 1
Yubikey, su and /usr/bin/kupdateapplet


I can't make my Yubikey work with these using YubiPAM-1.0.4. Login will allow me to login with my OTP and so will sudo, su and kupdateapplet refuse and I don't understand enough about PAM to know why. Can anyone help?
 
Old 06-16-2010, 05:53 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954
YubiPAM installs the /lib/security/pam_yubikey.so PAM module. All PAM stack files by default reside in the /etc/pam.d directory. Named for the service they provide (ssh, login, su), a PAM stack may include a "auth include" placeholder line referencing includes like "common-account", "common-password" or "common-session", but other than those includes it is stand-alone. This means that for every service you want to use your Yubikey with you will need to add the appropriate "auth require pam_yubikey.so" lines. Please see the README. Please think about which services you want to use pam_yubikey.so with. Please think about physical security of your key.
 
1 members found this post helpful.
Old 06-17-2010, 05:06 AM   #3
boblikeslinux
LQ Newbie
 
Registered: Feb 2010
Posts: 10

Original Poster
Rep: Reputation: 1
I made a patch which fixes the problem:

http://forum.yubico.com/viewtopic.php?f=6&t=543
 
Old 06-17-2010, 02:10 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954Reputation: 2954
Thanks!
 
  


Reply

Tags
pam


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Kickoff Application Launches from /usr/bin rather than /usr/local/bin Tim Johnson Slackware 2 05-26-2010 10:36 PM
On slack-current: /usr/bin/mtp-getfile -> /tmp/package-libmtp/usr/bin/mtp-connect ? LuckyCyborg Slackware 3 05-03-2010 02:13 PM
echo $PATH = /home/g3rc4n/bin:/usr/local/bin:/usr/bin:/bin:/usr/games ? i_heart_pandas Linux - Software 7 09-18-2009 09:33 AM
Failed to chck remot comnd executin using shells /usr/bin/ssh and /usr/bin/rsh farnaw4u Linux - Software 2 04-06-2009 01:08 AM
path in services wrong for clamav updated frm 0.75 to 0.80 usr/bin vs usr/local/bin Emmanuel_uk Linux - Newbie 3 04-22-2005 02:02 AM


All times are GMT -5. The time now is 09:50 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration