Hi there
I am trying to install pam_usb at home and at the office. Don't really need it at home, but at the office, since I am admin, I require to type in my root password a lot, and usually there's a person standing at my desk and I don't want them to see my password. So I usually go like 'turn around' or hide my hands under a sheet of paper while typing in the password...
I considered smart cards, but why buy something if I already have usb sticks galore?
Ok, so I found pam_usb, installed it via yum, created my keys, and then went to try and use su - but it keeps saying
* pam_usb v0.3.3, (C) 2003-2005 Andrea Luzzardi <scox@sig11.org>
* Authentication denied: remote user.
It does not even try to access the usb device (I would know this by the flashing of the led on the usb stick)
So I tried a few things, like autofs, which works when I go to the directory /mnt/auto/Home_Keys , I added an entry in fstab and played with the options but nothing seems to work.
------= Command history =---------
usbadm keygen /mnt/auto/Home_Keys andy 2048
[!] Directory /mnt/auto/Home_Keys/.auth/ not found, creating one...
[!] Generating 2048 DSA key pair for
andy@earth.Andy.home
[!] Extracting private key...
[+] Private key extracted.
[+] Private key successfully written.
[!] Writing public key...
[+] Public key successfully written.
[root@earth /]# usbadm keygen /mnt/auto/Home_Keys root 2048
[!] Generating 2048 DSA key pair for
root@earth.Andy.home
[!] Extracting private key...
[+] Private key extracted.
[+] Private key successfully written.
[!] Writing public key...
[+] Public key successfully written.
-------= /etc/auto.master =-----------
/mnt/auto /etc/auto.tero --timeout=4
-------= /etc/auto.tero =-------------
Home_Keys -fstype=ext3,rw,nosuid,nodev,user :/dev/sdd1
-------= /etc/fstab =-----------------
/dev/sdd1 /mnt/Home_Keys ext3 noauto
-------= /etc/pam.d/su =--------------
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
#auth required pam_wheel.so use_uid
auth sufficient pam_usb.so force_device=/dev/sdd1
auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
System Information:
Linux earth.Andy.home 2.6.20-1.2925_1.fc6.cubbi_suspend2 #1 SMP Thu Mar 15 13:15:19 CET 2007 i686 i686 i386 GNU/Linux
pam-0.99.6.2-3.16.fc6
pam_usb-0.3.3-6.fc6
Thank you for any help.
Andy