Could please somebody share experience of using PAM module of PrivacyIDEA on the Centos 8 Stream with Python3?
I managed to make the pam_python.so from source but with a lot of difficulties and with editing of some source files. May be the easier way is present?
Probably somewhere are present the ideal /etc/pam.d/sshd config for this OS. The examples in the documentation describe the Debian branch as far as I understand, right?
I recommend to use pam_radius, if possible.
The privacyIDEA PAM module is rather outdated.
Thanks for the answer.
We are looking for a secure solution for linux ssh with OTP. We have tested pam_radius but it does not support TLS encryption which creates additional risks. I am aware that it’s possible to use additional solutions to securely communicate with RADIUS server (like radsecproxy) however it does not help much (I can describe possible cases explaining why).
So I would like to ask if there are any plans to rework privacyIDEA PAM module or provide some other solution that would use end-to-end encryption.
No, there are no such plans.
Since time is limited and noone is throwing money at it.