| PAM_GOOGLE_AUTHENTICATOR(8) | System Manager's Manual | PAM_GOOGLE_AUTHENTICATOR(8) |
pam_google_authenticator - PAM module for two-step verification
pam_google_authenticator.so
The current version requires the existance of ~/.google-authenticator. If the file does not exist for a user, the authentication module will fail. Each user MUST create their secret key with google-authenticator(1) PRIOR TO enabling this module.
When used with sshd remember to edit sshd_config:
ChallengeResponseAuthentication yes
Add this line to /etc/pam.d/<FAVORITESERVICE>:
auth required pam_google_authenticator.so
If needed only for a certain group:
auth [default=1 success=ignore] pam_succeed_if.so quiet user ingroup <group>
auth required pam_google_authenticator.so
http://code.google.com/p/google-authenticator/
/wiki/PamModuleInstructions
| 25 Feb 2011 |