summaryrefslogtreecommitdiff
path: root/debian/vyos-1x.postinst
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2023-12-08 18:05:38 +0100
committerGitHub <noreply@github.com>2023-12-08 18:05:38 +0100
commit030abbf48fd1399a30ed668f02e4ab02dbff0706 (patch)
tree17e2f4923cae5459d323702088011a6112356505 /debian/vyos-1x.postinst
parent9c8a7a987fcb99adaa9ba8d423640441e8725ecf (diff)
parente134dc4171b051d0f98c7151ef32a347bc4f87e2 (diff)
downloadvyos-1x-030abbf48fd1399a30ed668f02e4ab02dbff0706.tar.gz
vyos-1x-030abbf48fd1399a30ed668f02e4ab02dbff0706.zip
Merge pull request #2584 from c-po/T4943-google-authenticator
login: T4943: use pam-auth-update to enable/disable Google authenticator
Diffstat (limited to 'debian/vyos-1x.postinst')
-rw-r--r--debian/vyos-1x.postinst8
1 files changed, 0 insertions, 8 deletions
diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst
index 64c60a780..cd88cf60c 100644
--- a/debian/vyos-1x.postinst
+++ b/debian/vyos-1x.postinst
@@ -21,14 +21,6 @@ if ! grep -q '^openvpn' /etc/passwd; then
adduser --quiet --firstuid 100 --system --group --shell /usr/sbin/nologin openvpn
fi
-# Enable 2FA/MFA support for SSH and local logins
-for file in /etc/pam.d/sshd /etc/pam.d/login
-do
- PAM_CONFIG="# Check 2FA/MFA authentication token if enabled (per user)\nauth required pam_google_authenticator.so nullok forward_pass\n"
- grep -qF -- "pam_google_authenticator.so" $file || \
- sed -i "/^# Standard Un\*x authentication\./i${PAM_CONFIG}" $file
-done
-
# We need to have a group for RADIUS service users to use it inside PAM rules
if ! grep -q '^radius' /etc/group; then
addgroup --firstgid 1000 --quiet radius