Hi new to privacyIDEA here,
I am trying to configure privacyIDEA OTP for local login and ssh. I am currently running on Ubuntu 22.04.2 LTS and running on Apache webserver
Below is my pi.cfg
import logging
# The realm, where users are allowed to login as administrators
SUPERUSER_REALM = ['super']
# Your database
#SQLALCHEMY_DATABASE_URI = 'sqlite:////etc/privacyidea/data.sqlite'
# This is used to encrypt the auth_token
#SECRET_KEY = 't0p s3cr3t'
# This is used to encrypt the admin passwords
#PI_PEPPER = "Never know..."
# This is used to encrypt the token data and token passwords
PI_ENCFILE = '/etc/privacyidea/enckey'
# This is used to sign the audit log
# This is the dummy base class
#PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.base'
# This is the default
#PI_AUDIT_MODULE = 'privacyidea.lib.auditmodules.sqlaudit'
# This is used to sign the audit log
PI_AUDIT_KEY_PRIVATE = '/etc/privacyidea/private.pem'
PI_AUDIT_KEY_PUBLIC = '/etc/privacyidea/public.pem'
PI_AUDIT_SQL_TRUNCATE = True
# The Class for managing the SQL connection pool
PI_ENGINE_REGISTRY_CLASS = "shared"
PI_AUDIT_POOL_SIZE = 20
PI_LOGFILE = '/var/log/privacyidea/privacyidea.log'
PI_LOGLEVEL = logging.INFO
PI_PEPPER = 'hello'
SECRET_KEY = 'there'
SQLALCHEMY_DATABASE_URI = 'mysql+pymysql://pi:cNjD2hb2MFkT@localhost/pi?charset=utf8'
So far I have only configured the realm and enrolled a token following the First Steps in the Documentaton
I am following this old tutorial and the PAM part of the documentation
I installed both libpam and the pam_python and below is the command entered into etc/pam.d/common-auth
auth sufficient pam_python.so /root/pam_python/privacyidea_pam.py url=https://localhost prompt=privacyIDEA_Authentication nosslverify try_first_pass
When trying to login via command line the prompt was not updated to what I set and I am only able to login via the previously set password and not the OTP.
How could I fix this? Also how could I change this to ask for both the password and OTP upon local login/ssh?
EDIT : While using an older version of python the prompt changes to what was set. I have also tested PAM config is working and I can login with password+OTP when using the login command but I cannot use the password+OTP on local login(when you boot up the machine) and ssh. Could i get some help on this and also on how to use later version of python.