Update and rename YubikeyAndSSHViaPAM.txt to Yubikey_and_SSH_via_PAM.adoc

2025-01-31 16:52:19 +01:00 · 2014-10-29 16:15:02 +01:00 · 2014-10-29 16:15:02 +01:00 · 3e865435f7
commit 3e865435f7
parent ba80c13988
1 changed files with 29 additions and 40 deletions
--- a/doc/Yubikey_and_SSH_via_PAM.adoc
+++ b/doc/Yubikey_and_SSH_via_PAM.adoc
@ -6,10 +6,6 @@ assumes that the reader has advanced knowledge and experience in Linux
 system administration, particularly for how PAM authentication mechanism is
 configured on a Linux platform.
 Details
 -------
 Prerequisites
 -------------
@ -106,9 +102,7 @@ Configuration of modified pam_yubico.so module at administrative level:
 Append the following line to the beginning of /etc/pam.d/sshd file:
 --------
 auth required pam_yubico.so id=16 debug authfile=/path/to/mapping/file
 --------
 Make sure you set id=16 to the correct API-id for the yubico validation server.
@ -138,14 +132,12 @@ This file must contain only one record. The parameters in the record are
 separated by “:” character similar to /etc/passwd. The contents of this file
 are as shown below:
 <user name>:<yubikey token ID>:<yubikey token ID>: ….
 e.g.
 ------
 paul:indvnvlcbdre:ldvglinuddek
------
+
 The .yubico/authorized_yubikeys file must be created/updated manually and must
 be placed inside user's home directory before configuration of Yubico PAM
@ -157,10 +149,7 @@ Configuration of modified pam_yubico.so module at user level:
 Append the following line to the beginning of /etc/pam.d/sshd file:
 -------
 auth required pam_yubico.so id=16 debug
 -------
 After the above configuration changes, whenever a user connects to the server
 using any SSH client, the PAM authentication interface will pass the control
@ -179,14 +168,14 @@ Append _try_first_pass_ parameter to the _pam_unix.so_ module to authenticate
 the user with password passed from the preceding auth module. 
 The _pam_unix.so_ module used for authentication is generally located into
-_"/etc/pam.d/system-auth"_ for RedHat based Linux system and into
+`/etc/pam.d/system-auth` for RedHat based Linux system and into
-_"/etc/pam.d/common-auth"_ for Debian based Linux systems.
+`/etc/pam.d/common-auth` for Debian based Linux systems.
 4) SSH configuration:
 ---------------------
-Edit the sshd configuration file _“/etc/ssh/sshd_config”_ to disable challenge-
+Edit the sshd configuration file `/etc/ssh/sshd_config`_ to disable challenge-
-response passwords. Change _“challenge-response passwords yes”_ to
+response passwords. Change `challenge-response passwords yes` to
-_“challenge-response passwords no”_.
+`challenge-response passwords no`.
 Test Setup:
@ -197,20 +186,20 @@ A) Fedora 8:
 Test setup for fedora 8 environment is as follows:
-• OS Version: Fedora release 8 (Werewolf)
+* OS Version: Fedora release 8 (Werewolf)
-• Kernel Version: Kernel version 2.6.23.1-42.fc8
+* Kernel Version: Kernel version 2.6.23.1-42.fc8
-• OpenSSH Version : openssh-4.7p1-2.fc8
+* OpenSSH Version : openssh-4.7p1-2.fc8
-• Yubico PAM Version: pam_yubico-1.7
+* Yubico PAM Version: pam_yubico-1.7
 B) Fedora 6:
 ------------
 Test setup for fedora 6 environment is as follows:
-• OS Version: Fedora Core release 6 (Zod)
+* OS Version: Fedora Core release 6 (Zod)
-• Kernel Version: Kernel version 2.6.18-1.2798.fc6
+* Kernel Version: Kernel version 2.6.18-1.2798.fc6
-• OpenSSH Version : openssh-4.3p2-10
+* OpenSSH Version : openssh-4.3p2-10
-• Yubico PAM Version: pam_yubico-1.7
+* Yubico PAM Version: pam_yubico-1.7
 PAM configuration: