[OATH-Toolkit-help] pam_oath with openssh problem in CentOS6.0

[谭中一]

Hi,all

I seek a solution for ssh with otp，then I found oath toolkit.

     My machine : CentOS6.0(in Vbox4.1.6),OpenSSH_5.3p1, OpenSSL 1.0.0-fips,

follow the README, I Building and installation oath-toolkit-1.10.4.

I had successful configure the su and login use pam_oath two factor authentication.

but when I configure the ssh and login use pam_oath, I can't pass the authentication.

     this is my /etc/pam.d/sshd content.

====================================================

auth requisite pam_oath.so usersfile=/etc/users.oath window=20 digits=6

#%PAM-1.0

auth       required     pam_sepermit.so

auth       include      password-auth

account    required     pam_nologin.so

account    include      password-auth

password   include      password-auth

# pam_selinux.so close should be the first session rule

session    required     pam_selinux.so close

session    required     pam_loginuid.so

# pam_selinux.so open should only be followed by sessions to be executed in the user context

session    required     pam_selinux.so open env_params

session    optional     pam_keyinit.so force revoke

session    include      password-auth。

===================================================

And I have other machine which is Ubuntu10.04(also in Vbox4.1.6)，the pam_oath.so works very well both in su and ssh.

So I think there maybe some wrongs in the CentOS /etc/pam.d/sshd.

I am look for your helping, thanks!