Thanks for pointing this out. Maybe Jojo can take a look if this can be integrated into the PI PAM module.
I do not like this a lot, since most of the U2F tokens are preseeded with a master key. This is why I personally do not like to use them.
Kind regards Cornelius
Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797
It would be great if the PAM Plugin could also handle U2F token
There is a (small) pam-u2f module from yubico:
Not integrated into privacyidea, but it might give a hint how that could
I suppose it would also
really be beneficial if the privacyidea server itself has a 2FA mechanism
for user authentication using the WebUI.
That’s already possible with a webui policy: set login_mode to
‘privacyIDEA’. I use that for my admin realm (but not with U2F tokens).
Jochen-------- Ursprüngliche Nachricht --------Von: Jochen Hein email@example.com Datum: 07.04.17 06:23 (GMT+01:00) An: firstname.lastname@example.org Cc: privacyidea email@example.com Betreff: Re: [privacyidea] Re: pam Module fails to authenticate against server?
This space is intentionally left blank.
Please read the blog post about getting help
For professional services and consultancy regarding two factor authentication please visit
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
You received this message because you are subscribed to a topic in the Google Groups “privacyidea” group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/privacyidea/xF77-4xK0Xc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to firstname.lastname@example.org.
To post to this group, send email to email@example.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/83y3vcsv64.fsf%40jochen.org.
For more options, visit https://groups.google.com/d/optout.