google / google-authenticator-libpam

Apache License 2.0

new user create and password change of users fails #252

Closed raviteja-b closed 3 months ago

raviteja-b commented 3 months ago

Describe the bug

After configuring the Google Authenticator PAM configuration on my system, TOTP-based authentication works fine, but changing the password of users on the system fails and new user creation also fails.

To Reproduce

Steps to reproduce the behavior:

  1. Configured the Google Authenticator PAM modules on the system.
  2. TOTP login for users works.
  3. New user creation or password change operations fail after enabling the Google Authenticator PAM configuration.
  4. Started hitting this error after modifying the common-password PAM config file to include password [success=ok default=die] pam_google_authenticator.so debug

Here is the passwd command error on the system:

     passwd root
     passwd: Module is unknown
     passwd: password unchanged

If I remove the above-mentioned config line in common-password, I am able to change the password of users.

Expected behavior

Password change of users should work after enabling the google-authenticator PAM configuration.

Config. E.g. /etc/ssh/sshd_config

Paste the config here

Logs: /var/log/auth.log or equivalent

Paste the relevant log lines here

Environment

Additional context

Add any other context about the problem here.

ThomasHabets commented 3 months ago

The template only works if you fill it out.

And passwd root. You run that as root?

raviteja-b commented 3 months ago

> The template only works if you fill it out.
>
> And passwd root. You run that as root?

Yes, the user management application runs with root privilege and uses Linux PAM calls to set/change the password, which is failing... To recreate this issue, I just gave the example of the passwd command, but the Linux PAM call also fails to set the password for users on the system after google_authenticator setup.

Can you please share what the common-password PAM configuration should be to enable the PAM Google Authenticator library?

ThomasHabets commented 3 months ago

You still did not fill out the template. At least I fixed the formatting errors.

What do you expect to happen for someone who already has root, if they want to change the password?

But yes, it does seem like PAM needs pam_sm_chauthtok to be implemented for password changing to work with OTPs. It can be filed as a feature request.
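
The mismatch discussed in this thread can be caught before a stack is deployed. The following is an added example, not code from google-authenticator-libpam or from any participant: it reads a PAM stack and reports lines whose module lacks the entry point libpam calls for that management group (pam_sm_chauthtok for password lines). The sample stack and export table are constructed, and the export set given for pam_google_authenticator.so is an assumption based on the maintainer's comment above.

```python
import ctypes
import re

# Entry point libpam looks up per management group; a module without it
# makes that stack fail with PAM_MODULE_UNKNOWN ("Module is unknown").
REQUIRED = {"auth": "pam_sm_authenticate", "account": "pam_sm_acct_mgmt",
            "session": "pam_sm_open_session", "password": "pam_sm_chauthtok"}
ALL = set(REQUIRED.values())
# Fields: [-]type, control (word or [value=action ...]), module path
LINE = re.compile(r"^-?(auth|account|session|password)\s+(\[[^\]]*\]|\S+)\s+(\S+)")

# Constructed sample stack, modelled on the line quoted in the issue.
SAMPLE = """\
# /etc/pam.d/common-password (constructed)
password required pam_unix.so obscure
password [success=ok default=die] pam_google_authenticator.so debug
password requisite pam_deny.so
"""
# Constructed export table. The google entry is an assumption taken from the
# maintainer's comment that pam_sm_chauthtok is not implemented.
SAMPLE_EXPORTS = {"pam_unix.so": ALL, "pam_deny.so": ALL,
                  "pam_google_authenticator.so": {"pam_sm_authenticate"}}

def parse_stack(text):
    """Yield (lineno, group, control, module) for each module line."""
    for n, raw in enumerate(text.splitlines(), 1):
        m = LINE.match(raw.split("#", 1)[0].strip())
        if m:
            yield (n, *m.groups())

def exports_from_library(path):
    """Entry points exported by a real module file (loads the .so)."""
    lib = ctypes.CDLL(path)
    return {sym for sym in ALL if hasattr(lib, sym)}

def lint(text, exports_of):
    """Return (lineno, group, module, missing_symbol) for broken lines."""
    return [(n, group, module, REQUIRED[group])
            for n, group, _control, module in parse_stack(text)
            if REQUIRED[group] not in exports_of(module)]

if __name__ == "__main__":
    for finding in lint(SAMPLE, lambda m: SAMPLE_EXPORTS.get(m, set())):
        print("line %d: %s stack uses %s, which lacks %s" % finding)
```

To check installed modules instead of the table, pass a function that resolves each module name to its full path (the module directory varies by distribution) and calls exports_from_library.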