search for: 690038

...d like to propose a patch to OpenSSH for Linux. In the recent few months, I have encountered a scenario where a PAM module used for authentication in SSH should be informed about the previous successful authentication methods. I described the complete scenario here: http://serverfault.com/questions/690038/openssh-two-factor-authentication-combined-with-kerberos-public-key In this use case, I want to introduce a 2nd factor for authentication while accepting public key or GSSAPI authentication as first factor. If and only if none of those methods were successful, a password authentication should be pe...

...hentication methods and/or the supplied credentials. For example, one might want to invoke different PAM modules when the user has been successfully authenticated via GSS-API than otherwise. (For more detailed description of my particular use case, please check out: http://serverfault.com/questions/690038/openssh-two-factor-authentication-combined-with-kerberos-public-key) You can also find some rudimental, PoC code that shows what I've been playing with as a start: https://github.com/dgyuri92/openssh-portable/tree/f/pam_auth_list For further questions about the idea, please feel free to conta...