verbose_otp can not be used with OpenSSH

fixes #25
2025-01-31 16:52:19 +01:00 · 2016-03-29 11:09:58 +02:00 · 2016-03-29 11:09:58 +02:00 · b7e7da494a
commit b7e7da494a
parent a4a5078a77
2 changed files with 2 additions and 3 deletions
--- a/3
+++ b/3
@ -201,8 +201,7 @@ verbose_otp::
   authentication because that will display your password on the
   screen.
   This requires the service using the PAM module to
-   display custom fields.  For example, OpenSSH requires
-   you to configure `ChallengeResponseAuthentication no`.
+   display custom fields.  This option can not be used with OpenSSH.

 ldap_uri:: specify the LDAP server URI (e.g. ldap://localhost).

--- a/pam_yubico.8.txt
+++ b/pam_yubico.8.txt
@ -54,7 +54,7 @@ Specify the path where X509 certificates are stored. This is required if 'https'
 Specify a proxy to connect to the validation server. Valid schemes are socks4://, socks4a://, socks5:// or socks5h://. Socks5h asks the proxy to do the dns resolving. If no scheme or port is specified HTTP proxy port 1080 will be used. E.g. socks5h://user:pass@10.10.0.1:1080

 *verbose_otp*::
-This argument is used to show the OTP (One Time Password) when it is entered, i.e. to enable terminal echo of entered characters.  You are advised to not use this, if you are using two factor authentication because that will display your password on the screen.  This requires the service using the PAM module to display custom fields.  For example, OpenSSH requires you to configure "ChallengeResponseAuthentication no".
+This argument is used to show the OTP (One Time Password) when it is entered, i.e. to enable terminal echo of entered characters.  You are advised to not use this, if you are using two factor authentication because that will display your password on the screen.  This requires the service using the PAM module to display custom fields.  This option can not be used with OpenSSH.

 *ldap_uri*=_uri_::
 Specify the LDAP server URI (e.g. ldap://localhost).