mirror of
https://github.com/Yubico/yubico-pam.git
synced 2025-02-20 21:54:16 +01:00
Update README
This commit is contained in:
parent
a8723663e5
commit
f9c8418c81
15
README
15
README
@ -255,8 +255,8 @@ each user you want to allow onto the system using a Yubikey.
|
||||
The mappings should look like this, one per line:
|
||||
|
||||
------
|
||||
<first user name>:<Yubikey token ID1>:<Yubikey token ID2>:….
|
||||
<second user name>:<Yubikey token ID3>:<Yubikey token ID4>:….
|
||||
<first user name>:<Yubikey token ID1>:<Yubikey token ID2>:….
|
||||
<second user name>:<Yubikey token ID3>:<Yubikey token ID4>:….
|
||||
------
|
||||
|
||||
Now add authfile=/etc/yubikey_mappings to your PAM configuration line, so it
|
||||
@ -303,8 +303,8 @@ Fast way
|
||||
It will output an OTP into the shell:
|
||||
|
||||
------
|
||||
$ cccccccgklgcvnkcvnnegrnhgrjkhlkfhdkclfncvlgj
|
||||
bash: cccccccgklgcvnkcvnnegrnhgrjkhlkfhdkclfncvlgj: command not found
|
||||
$ cccccccgklgcvnkcvnnegrnhgrjkhlkfhdkclfncvlgj
|
||||
bash: cccccccgklgcvnkcvnnegrnhgrjkhlkfhdkclfncvlgj: command not found
|
||||
------
|
||||
|
||||
This can be pasted into the Modhex_Calculator page.
|
||||
@ -330,14 +330,11 @@ Users with SELinux in enforcing mode (the default on Fedora 17+) may experience
|
||||
login problems with services including those validated via
|
||||
polkit-agent-helper-1, sshd and login.
|
||||
|
||||
This is documented in the PAM Yubico issue tracker [1] and Red Hat bugzilla
|
||||
including a work around [2] for ssh (Equivalent files could be created for
|
||||
This is https://bugzilla.redhat.com/show_bug.cgi?id=841693#c3[documented in Red Hat bugzilla]
|
||||
including a work around for ssh (Equivalent files could be created for
|
||||
other services). Systems in 'permissive' mode will generate AVC warnings but
|
||||
authentication will succeed.
|
||||
|
||||
[1] https://code.google.com/p/yubico-pam/issues/detail?id=43
|
||||
[2] https://bugzilla.redhat.com/show_bug.cgi?id=841693#c3
|
||||
|
||||
To determine if you have SELinux enforcing or not run the 'sestatus' command.
|
||||
|
||||
Examples
|
||||
|
Loading…
x
Reference in New Issue
Block a user