Page MenuHomeDevCentral
Files F13144918

sshd-otp-freebsd
No OneTemporary
Actions

sshd-otp-freebsd
View Options

# -------------------------------------------------------------
# OpenSSH configuration - OTP SSHD for bastion servers
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# Created: 2018-02-20
# License: Trivial work, not eligible to copyright
# Forked from: FreeBSD: releng/11.1/etc/pam.d/sshd
# 197769 2009-10-05 09:28:54Z des
# Source file: roles/bastion/pam/files/sshd-otp-freebsd
# -------------------------------------------------------------
#
# <auto-generated>
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
# </auto-generated>
# auth
# TODO: when Vault is installed, add key too here through a Vault pillar.
auth sufficient pam_opie.so no_warn no_fake_prompts
auth sufficient /usr/local/lib/security/pam_yubico.so no_warn try_first_pass id=36698
#auth requisite pam_opieaccess.so no_warn allow_local
#auth sufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
#auth required pam_unix.so no_warn try_first_pass
auth sufficient pam_deny.so
# account
account required pam_nologin.so
#account required pam_krb5.so
account required pam_login_access.so
account required pam_unix.so
# session
#session optional pam_ssh.so want_agent
session required pam_permit.so
# password
#password sufficient pam_krb5.so no_warn try_first_pass
password required pam_unix.so no_warn try_first_pass

File Metadata

Mime Type
text/plain
Expires
Fri, Nov 21, 17:09 (8 m, 41 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3184321
Default Alt Text
sshd-otp-freebsd (1 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator