[Enhancement] Pam Modules (yubikey) auth
C0D3-M4513R opened this issue · comments
So I know, that this is probably just supposed to be a lightweight, KISS lua implementation of PAM, but I was wondering, if it was possible to add support for other Pam-authentication modes (such as yubikey auth).
I know, that yubikey auth is setup properly on my system, since I do not need a Password on sudo
, or sudo login
.
I had a quick glance at the docs, and know, that this is a really hard improvement.
As a starter, have a look at the following: pam_sm_authenticate
EDIT: pam_sm_authenticate
is as far as i can see for pam Service Modules
There is a yubikey pam module, but i have no yubikey, so cannot write and test for yubikey, sorry.
This Issue is more meant for general pam-module auth, so other auth factors than password can be used. There are also U2F modules. Honestly more, than one could imagine. If I really want support I'll do a pr.
Until then, I think that we should keep this open, if you don't think, that this is out of place.
As for the yubikey-pam
module: I have it installed, it is just, that this application ONLY supports password.
This Issue is more meant for general pam-module auth, so other auth factors than password can be used.
A good idea, i will try to find some ways later if i have time.
Ok, so something interesting, I have a working version (sadly not cross distro). I changed the service name to common-auth
(that's where I defined my yubikey auth) and added a pam_end()
call at the end.
I will have to check, on how to get it working with login as the service name.