PAM module does not report insufficient remaining passwords

Bug #934911 reported by Todd A. Jacobs
Affects: otpw (Ubuntu) | Status: Confirmed | Importance: Undecided | Assigned to: Unassigned | Milestone: none

Bug Description

NOTE: Potential denial-of-service vulnerability. See details below.

According to the otpw.html file distributed with the libpam-otpw package:

"If after otpw_verify() has returned, the condition ch.entries > 2 * ch.remaining is true and half of all passwords have been used, the user should be remembered to generate a new password list by executing otpw-gen."

With the following PAM settings included in /etc/pam.d/sshd:

auth sufficient pam_otpw.so
session optional pam_otpw.so

this doesn't happen. In fact, it's possible to completely run out of one-time passwords without warning. This is a security vulnerability insofar as it can lead to denial-of-service if OTPs are silently exhausted, especially when alternatives to ChallengeResponseAuthentication have been administratively disabled in /etc/ssh/sshd_config.

Expected behavior is for the PAM module to squawk at the user when remaining passwords are less than 50% of those generated, or less than some minimum value (e.g. some reasonable number that would provide random selection even in the face of the race-for-the-last-key attack described in the otpw.html document itself).

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: libpam-otpw 1.3-2ubuntu1
ProcVersionSignature: Ubuntu 3.0.0-16.28-generic 3.0.17
Uname: Linux 3.0.0-16-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Sat Feb 18 05:32:30 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: otpw
UpgradeStatus: No upgrade log present (probably fresh install)
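The post-verification check this report asks for, as an added example that is not code from otpw, pam_otpw.so or the Ubuntu package. The struct below is a constructed stand-in for the two challenge fields the otpw documentation names (entries and remaining); the minimum-remaining floor and the message wording are assumptions, and the simulation shows at which login the warning first fires under the documented "more than half used" rule.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of the otpw challenge fields quoted in the report;
 * the real otpw.h structure has more members (assumption: only these two matter here). */
struct otpw_state {
    int entries;    /* passwords originally generated by otpw-gen */
    int remaining;  /* unused passwords still available */
};

/* Returns 1 if the user should be told to run otpw-gen, 0 otherwise, and fills msg
 * with the text a PAM session hook could hand to the user. min_remaining is an
 * administrator-chosen floor (assumed parameter, not part of otpw). */
int otpw_regen_warning(const struct otpw_state *ch, int min_remaining,
                       char *msg, size_t msglen)
{
    if (ch->entries <= 0) {          /* no password list at all: nothing to report */
        msg[0] = '\0';
        return 0;
    }
    if (ch->remaining <= 0) {        /* silent exhaustion is the denial-of-service case */
        snprintf(msg, msglen, "WARNING: all %d one-time passwords are used up; "
                 "run otpw-gen before your next login", ch->entries);
        return 1;
    }
    /* condition quoted from otpw.html (more than half consumed), plus the floor */
    if (ch->entries > 2 * ch->remaining || ch->remaining < min_remaining) {
        snprintf(msg, msglen, "WARNING: only %d of %d one-time passwords remain; "
                 "run otpw-gen to generate a new list", ch->remaining, ch->entries);
        return 1;
    }
    msg[0] = '\0';
    return 0;
}

/* Simulates successive logins against a freshly generated list of n passwords and
 * returns the number of logins completed when the warning first appears. */
int logins_before_warning(int n, int min_remaining)
{
    struct otpw_state ch = { n, n };
    char msg[160];
    int used = 0;
    while (ch.remaining > 0) {
        ch.remaining--;              /* one password consumed by this login */
        used++;
        if (otpw_regen_warning(&ch, min_remaining, msg, sizeof msg))
            return used;
    }
    return used;                     /* list was empty to begin with */
}
```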

Todd A. Jacobs (codegnome) wrote :
visibility: private → public
Jamie Strandboge (jdstrand) wrote :

Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

Changed in otpw (Ubuntu):
status: New → Confirmed