Hi Karim,
No, it works with all kinds of user stores.
But you need to be aware, that the user also needs to be available on
the system, where you are authenticating.
You are jumping into a complex scenario which contains several possible
source for errors.
Always approach a scenario step by step, to reduce the possible error
source in each step.
In your case, the OTP PIN is wrong.
So first you need to assure, that you in fact can authenticate with the
token and with the user.
(Without any PAM-stuff)
Kind regards
CorneliusAm Montag, den 06.07.2015, 02:18 -0700 schrieb CK:
Hi ! I have a privacy idea server configured on my ubuntu 14.04. I
have a little issue with SSH :
→ I can authenticate via SSH successfully when the username passed
(when doing ssh user@localhost) is in /etc/passwd.
Now, I configured a LDAP resolver, who seems to be well-configured
because it retrieves my users stored in.
But, when I tried to do ssh ldapUser@localhost, it fails and in the
audit of the webUI of PI, I have “wrong otp pin” and however I checked
that the token is working.
So does the PAM module works with any resolver or JUST
with /etc/passwd (unix users) ?
Thanks in advance,
Kind regards,
Karim
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/3281f7c7-6391-4d78-93dc-43b455b9d3be%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (819 Bytes)