1
0
forked from cockpit/cockpit

support optional TOTP for authentication

It requires a pam_oath in a version that implements the
no_usersfile_okay argument. Provisionally using 2.6.11.12 as a version
to indicate it, the patch is not yet merged upstream, but this is likely
a version upstream will not assign. Patch:
https://gitlab.com/oath-toolkit/oath-toolkit/-/merge_requests/42

Upstream: https://github.com/openSUSE/cockpit/pull/27
This commit is contained in:
Jan Zerebecki 2024-08-06 16:43:58 +02:00
parent 14257e4afc
commit 95f291257b
No known key found for this signature in database
GPG Key ID: 94D2D0D2432ED7CC
3 changed files with 7 additions and 0 deletions

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Wed Sep 18 12:37:18 UTC 2024 - Jan Zerebecki <jan.suse@zerebecki.de>
- support optional TOTP for authentication, requires pam_oath
-------------------------------------------------------------------
Tue Aug 20 13:24:06 UTC 2024 - Adam Majer <adam.majer@suse.de>

View File

@ -8,3 +8,4 @@ password include common-password
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
session include common-session
auth [user_unknown=ignore success=ok] pam_oath.so usersfile=${HOME}/.pam_oath_usersfile no_usersfile_okay window=20 digits=6

View File

@ -575,6 +575,7 @@ Suggests: sssd-dbus >= 2.6.2
%if 0%{?suse_version}
Requires(pre): permissions
Requires: distribution-logos
Requires: pam_oath >= 2.6.11.12
Requires: wallpaper-branding
%endif
# for cockpit-desktop