otpw password number is not displayed in SSH prompt
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| otpw (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
No reproductible installation documentation is provided for otpw.
I installed the libpam-otpw package, and the otpw-bin package.
The otpw pam module is not added automatically to the /etc/pam.d/sshd. That's fine.
However, the documentation is also old, latest mention in it is about a version around 3.6, so it supposably works with that version.
Hardy however carries 4.7. This is still fine.
However, when trying to add otpw to the pam configuration according to the README file, it does not work accordingly.
The password prompt for ssh does NOT display the number of the password which is to be entered.
The steps I did:
1. Added the mentioned two lines to /etc/pam.d/sshd
2. Tried both yes and not for PrivilegeSepara
3. Added PAMAuthenticati
4. Restarted ssh server.
The result was that pam_otpw refused the password according to the entries in auth.log, however the password prompt was not visible.
I am actually also a bit concerned about turning off privilege separation in the SSHD server.
Best regards,
Robert
| robvarga (robert-varga) wrote | #1 |
| Changed in otpw (Ubuntu): | |
| status: | New → Confirmed |
| Carey Underwood (cwillu) wrote | #2 |
I found that the documentation is lacking and incorrect.
To use otpw with SSH you need to have ChallengeResponse also enabled, and privilege separation need not be disabled, it was working with privilege separation enabled, too.
Best regards,
Robert