John Ratliff via FreeIPA-users <freeipa-users(a)lists.fedorahosted.org>
writes:
Okay, so the problem wasn't that it wasn't working; it's
that I didn't
understand the prompts. Debian only prompts for password, but wants
password + OTP on the same field. CentOS prompts for First Factor /
Second Factor.
Is there any way I can make it so that on Debian clients it asks for
the factors separately as well?
Can you please look at /etc/pam.d? Debian uses pam_unix to get the
password+OTP, CentOS/Fedora use pam_sss for non-local users. I've added
the following to /usr/share/pam-configs and use that instead of pam_unix
and pam_sss.
Jochen
--
This space is intentionally left blank.