From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=unavailable version=3.2.5 Date: Fri, 4 Oct 2013 18:17:32 +0400 From: Sergey Vlasov To: community@lists.altlinux.org Message-ID: <20131004141732.GD16548@newmaster.mivlgu.local> Mail-Followup-To: community@lists.altlinux.org References: <522E1377.9040204@boressoft.ru> <522F4088.1050309@boressoft.ru> <524DE086.9050209@boressoft.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="3Gf/FFewwPeBMqCJ" Content-Disposition: inline In-Reply-To: <524DE086.9050209@boressoft.ru> Subject: Re: [Comm] =?koi8-r?b?Z29vZ2xlLWF1dGhlbnRpY2F0b3Ig1yBwNg==?= X-BeenThere: community@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Community general discussions List-Id: ALT Linux Community general discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Oct 2013 14:17:41 -0000 Archived-At: List-Archive: List-Post: --3Gf/FFewwPeBMqCJ Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Oct 04, 2013 at 01:24:22AM +0400, Boris Gulay wrote: > =F4=C1=CB =CB=C1=CB =CF=D4=D7=C5=D4=C1 =CE=C5 =D0=CF=D3=CC=C5=C4=CF=D7=C1= =CC=CF, =C1 =D1 =D7=D3=A3-=D4=C1=CB=C9 =CE=C1=D3=D4=D2=CF=C9=CC, =D4=CF =CF= =D4=D7=C5=DE=D5 =D3=C1=CD > =D3=C5=C2=C5, =C4=CC=D1 =C1=D2=C8=C9=D7=C1 =D2=C1=D3=D3=D9=CC=CB=C9. >=20 > =E9=D4=C1=CB, =D0=D2=CF=C2=CC=C5=CD=C1 =D7 =D4=CF=CD, =DE=D4=CF =CD=CF=C4= =D5=CC=D8 pam_userpass =CE=C5 =C8=CF=DE=C5=D4 =CE=CF=D2=CD=C1=CC=D8=CE=CF > =D2=C1=C2=CF=D4=C1=D4=D8 =D7 =D0=C1=D2=C5 =D3 =C7=D5=C7=CC=CF=CD. =E5=D3= =CC=C9 =D0=D2=CF=D3=D4=CF =C4=CF=C2=C1=D7=C9=D4=D8 =C7=D5=C7=CC =D7 pam.d/s= shd, =D4=CF > =CE=C5=DA=C1=D7=C9=D3=C9=CD=CF =CF=D4 =D0=CF=D2=D1=C4=CB=C1 =D3=CC=C5=C4= =CF=D7=C1=CE=C9=D1 =CD=CF=C4=D5=CC=C5=CA, =C2=D5=C4=C5=D4 =D7=D9=D7=CF=C4= =C9=D4=D3=D1 =D4=CF=CC=D8=CB=CF =DA=C1=D0=D2=CF=D3 > =CE=C1 =CF=C4=CE=CF=D2=C1=DA=CF=D7=D9=CA =D0=C1=D2=CF=CC=D8 =C9 =D7=D3=C5= =C7=C4=C1 =C2=D5=C4=C5=D4 access denied. =FC=D4=CF =D7=D0=CF=CC=CE=C5 =CF=D6=C9=C4=C1=C5=CD=CF, =D0=CF=D3=CB=CF=CC= =D8=CB=D5 =CD=CF=C4=D5=CC=D8 pam_userpass =CE=C1 =D3=C1=CD=CF=CD =C4=C5=CC= =C5 =D0=D2=C5=C4=CE=C1=DA=CE=C1=DE=C5=CE =C4=CC=D1 =C9=D3=D0=CF=CC=D8=DA=CF=D7= =C1=CE=C9=D1 =D7 =D3=CC=D5=DE=C1=C5, =CB=CF=C7=C4=C1 =D0=D2=CF=D4=CF=CB=CF= =CC =CF=C2=CD=C5=CE=C1 =D0=D2=C5=C4=D5=D3=CD=C1=D4=D2=C9=D7=C1=C5=D4 =D1=D7=CE=D9=C5 =D0=CF=CC=D1 = username =C9 password; =D4=CF, =DE=D4=CF =CF=CE =CC=CF=CD=C1=C5=D4 =C1=D5=D4=C5=CE=D4=C9=C6=C9=CB=C1=C3=C9=C0, =C5=D3=CC=C9 =D3=D4=C5=CB PAM = =DA=C1=D0=D2=C1=DB=C9=D7=C1=C5=D4 =C5=DD=A3 =DE=D4=CF-=D4=CF, =D4=C1=CB =C9= =DA=C1=C4=D5=CD=D9=D7=C1=CC=CF=D3=D8 (=C2=C5=DA pam_userpass =D0=D2=C9=CC=CF=D6=C5=CE=C9=C5 =CD=CF=C7=CC=CF =C2= =D9 =CF=D4=D0=D2=C1=D7=C9=D4=D8 =D7 PAM =C9=CD=D1 =C9=CC=C9 =D0=C1=D2=CF=CC= =D8 =D7 =CF=D4=D7=C5=D4 =CE=C1 =D3=CF=D7=D3=C5=CD =C4=D2=D5=C7=C9=C5 =DA=C1=D0=D2= =CF=D3=D9, =D0=CF=D3=CB=CF=CC=D8=CB=D5 =D0=D2=C9 =CF=C2=D2=C1=C2=CF=D4=CB= =C5 =DA=C1=D0=D2=CF=D3=C1 =CF=D4 PAM =D5 =D0=D2=C9=CC=CF=D6=C5=CE=C9=D1 =CE=C5=D4 =C9=CE=C6=CF=D2=CD=C1=C3=C9=C9 =CF= =D4=CF=CD, =DE=D4=CF =DA=C1=D0=D2=C1=DB=C9=D7=C1=C5=D4=D3=D1 =C9=CD=C5=CE= =CE=CF =C9=CD=D1 =D0=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=D1 =C9=CC=C9 =D0=C1=D2=CF=CC=D8 - =D4=CF=CC=D8=CB=CF =D4=C5=CB=D3=D4=CF=D7=C1= =D1 =D3=D4=D2=CF=CB=C1, =D7=CF=DA=CD=CF=D6=CE=CF, =D0=C5=D2=C5=D7=C5=C4=A3= =CE=CE=C1=D1 =CE=C1 =CB=C1=CB=CF=CA-=D4=CF =D1=DA=D9=CB, =C9 =C6=CC=C1=C7 =D3=CB=D2=D9=D4=C9=D1 =D7=D7=CF=C4=C9=CD=D9= =C8 =D3=C9=CD=D7=CF=CC=CF=D7, =D0=CF =CB=CF=D4=CF=D2=CF=CD=D5 =CF=C2=D9=DE= =CE=CF =C9 =CF=D0=D2=C5=C4=C5=CC=D1=C0=D4 =DA=C1=D0=D2=CF=D3 =D0=C1=D2=CF=CC=D1 =D7 =D0=CF=C4=CF=C2=CE=D9=C8 =D3=CC= =D5=DE=C1=D1=C8). =F4.=C5., =C5=D3=CC=C9 =CE=D5=D6=CE=C1 =D4=CF=CC=D8=CB=CF =D0=D2=CF=D3=D4= =C1=D1 =D0=D2=CF=D7=C5=D2=CB=C1 =C9=CD=C5=CE=C9 =C9 =D0=C1=D2=CF=CC=D1, =D0= =D2=C9 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=CE=C9=C9 =D0=C1=CB=C5=D4=C1 openssh =CF=D4 ALT =C2=D5=C4=C5=D4 =D2=C1=C2=CF=D4=C1=D4= =D8 =CB=CF=CE=C6=C9=C7=D5=D2=C1=C3=C9=D1 =D3 =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1= =CE=C9=C5=CD pam_userpass =D7 /etc/pam.d/sshd =C9 =CE=C1=D3=D4=D2=CF=CA=CB=C1=CD=C9 =D7 = sshd_config: PasswordAuthentication yes ChallengeResponseAuthentication no (=CB=D3=D4=C1=D4=C9, =C5=D3=CC=C9 =D5=C4=C1=CC=C9=D4=D8 =D4=CF=CC=D8=CB=CF = pam_userpass, =DC=D4=CF =D2=C1=C2=CF=D4=C1=D4=D8 =D0=C5=D2=C5=D3=D4=C1=CE= =C5=D4, =D0=CF=D3=CB=CF=CC=D8=CB=D5 =D0=C1=D4=DE =C4=CC=D1 =D0=CF=C4=C4=C5=D2=D6=CB= =C9 pam_userpass =D5=C4=C1=CC=D1=C5=D4 =C9=DA =CB=CF=C4=C1 =D0=CF=C4=C4=C5= =D2=D6=CB=D5 =D0=C5=D2=C5=C4=C1=DE=C9 =D0=C1=D2=CF=CC=D1 =D7 =CF=D4=D7=C5=D4 =CE=C1 =DA= =C1=D0=D2=CF=D3 PAM_PROMPT_ECHO_OFF). =E5=D3=CC=C9 =D6=C5 =D0=D2=CF=D3=D4=CF =C9=CD=C5=CE=C9 =C9 =D0=C1=D2=CF=CC= =D1 =D0=CF=CC=D8=DA=CF=D7=C1=D4=C5=CC=D1 =CE=C5=C4=CF=D3=D4=C1=D4=CF=DE=CE= =CF, PasswordAuthentication =D5=D6=C5 =CE=C5 =C7=CF=C4=C9=D4=D3=D1, =D0=CF=DC=D4= =CF=CD=D5 =CE=D5=D6=CE=CF =D7=CB=CC=C0=DE=C9=D4=D8 ChallengeResponseAuthentication, =CE=CF =D7 =CB=CF=C4=C5 =C4=CC=D1 =DC=D4= =CF=C7=CF =CD=C5=D4=CF=C4=C1 =CE=C5=D4 =C9 =CE=C5 =CD=CF=D6=C5=D4 =C2=D9=D4=D8 =D0=CF=C4=C4=C5=D2=D6=CB=C9 pam_userpass, =D0=CF=DC=D4=CF=CD= =D5 =CE=C5=CF=C2=C8=CF=C4=C9=CD=CF =D5=C2=D2=C1=D4=D8 pam_userpass =C9=DA /etc/pam.d/sshd =C9 =D5=D3=D4=C1=CE=CF=D7=C9=D4=D8 =D7 sshd_config =D3=CC= =C5=C4=D5=C0=DD=C9=C5 =D0=C1=D2=C1=CD=C5=D4=D2=D9: PasswordAuthentication no ChallengeResponseAuthentication yes > =EF=C4=CE=C1=CB=CF, =CE=C5 =D3=CD=CF=D4=D2=D1 =CE=C1 =CE=C1=DA=D7=C1=CE= =C9=C5, userpass =CE=C5 =D0=D2=CF=D7=C5=D2=D1=C5=D4 =CC=CF=C7=C9=CE/=D0=C1= =D2=CF=CC=D8, =CF=CE > =D0=D2=CF=D3=D4=CF =DA=C1=D0=D2=C1=DB=C9=D7=C1=C5=D4 =C9=C8 =C9 =D3=CF=C8= =D2=C1=CE=D1=C5=D4 =D7=CE=D5=D4=D2=C9 =D3=D4=C5=CB=C1 pam. =E1 =D0=D2=CF=D7= =C5=D2=D1=C5=D4 =C9=C8 > pam_tcb (http://docs.altlinux.org/manpages/pam_tcb.8.html), =D0=D2=C9=DE= =A3=CD =CF=CE =C9 > =D3=C1=CD =D5=CD=C5=C5=D4 =DA=C1=D0=D2=C1=DB=C9=D7=C1=D4=D8 =D0=C1=D2=CF= =CC=D8! >=20 > =F2=C5=DB=C5=CE=C9=C5 =CF=DE=C5=CE=D8 =D0=D2=CF=D3=D4=CF=C5 - =D7=D9=CB= =C9=C4=D9=D7=C1=C5=CD userpass, =D7=D3=D4=C1=D7=CC=D1=C5=CD =CE=C1 =C5=C7= =CF =CD=C5=D3=D4=CF tcb > =C2=C5=DA =D0=C1=D2=C1=CD=C5=D4=D2=C1 use_first_pass. =ED=CF=CA =D2=C1=C2= =CF=DE=C9=CA =CB=CF=CE=C6=C9=C7 sshd =D7=D9=C7=CC=D1=C4=C9=D4 =D4=C1=CB: >=20 > #auth required pam_userpass.so > auth required pam_tcb.so shadow fork prefix=3D$2y$ count=3D8 nu= llok > auth required pam_google_authenticator.so echo_verification_code > #auth include common-login-use_first_pass >=20 > =F7=C5=D3=D8 =CF=D3=D4=C1=CC=D8=CE=CF=CA =D3=D4=C5=CB =C4=CC=D1 auth =D1 = =D7=D9=CB=C9=CE=D5=CC, =C9=C2=CF =D4=C1=CD =C2=D9=CC =D4=CF=D4 =D6=C5 tcb (= =CF=D4=CB=D5=C4=C1 =D1 > =C9 =D7=DA=D1=CC =D3=CF=CF=D4=D7=C5=D4=D3=D4=D7=D5=C0=DD=D5=C0 =D3=D4=D2= =CF=CB=D5) =C9 =D7=D3=D1=CB=C9=CA ldap, =CB=CF=D4=CF=D2=D9=CA =CD=CE=C5 =CE= =C5 =CE=D5=D6=C5=CE. =F7=CF=CF=C2=DD=C5-=D4=CF =D7 common-login-use_first_pass =CC=C5=D6=C1=CC = =C5=DD=A3 pam_nologin. =F4=C5=CF=D2=C5=D4=C9=DE=C5=D3=CB=C9 c ChallengeResponseAuthentication =C4= =CF=CC=D6=CE=C1 =D2=C1=C2=CF=D4=C1=D4=D8 =D4=C1=CB=C1=D1 =CB=CF=CE=C6=C9=C7=D5=D2=C1=C3=C9=D1: auth include common-login auth required pam_google_authenticator.so echo_verification_code (=C5=D3=CC=C9 pam_google_authenticator =D4=D2=C5=C2=D5=C5=D4=D3=D1 =C9=D3= =D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 =D4=CF=CC=D8=CB=CF =C4=CC=D1 =D7=C8=CF=C4=C1 =DE=C5=D2=C5=DA SSH, =C1 =D0=D2=C9 =D0=D2=CF=DE=C9=C8 =CD=C5=D4=CF=C4=C1=C8= =D7=C8=CF=C4=C1 =D0=D2=CF=D7=C5=D2=D1=D4=D8 =CE=C5 =D4=D2=C5=C2=D5=C5=D4= =D3=D1). --3Gf/FFewwPeBMqCJ Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFSTs38W82GfkQfsqIRArVmAJ0UWP4/4Sc99NpN01T1b6pxoXu3vwCeL55H /q+T1fONBtvF/FUQZSmiuSs= =j199 -----END PGP SIGNATURE----- --3Gf/FFewwPeBMqCJ--