diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-12-08 18:34:53 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-08 18:34:53 +0100 |
| commit | f44cf2923bf12360e5665cb8d7391557241fba96 (patch) | |
| tree | bc6650c325c1eee90ee5f47bf7101818a8531b28 /debian | |
| parent | 7f081cadd0855ebc1104919329c11c98de1445f1 (diff) | |
| parent | 14b107442ebf1f4f44bad485c585d4b9cfd97384 (diff) | |
| download | vyos-1x-f44cf2923bf12360e5665cb8d7391557241fba96.tar.gz vyos-1x-f44cf2923bf12360e5665cb8d7391557241fba96.zip | |
Merge pull request #2593 from vyos/mergify/bp/sagitta/pr-2584
login: T4943: use pam-auth-update to enable/disable Google authenticator (backport #2584)
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/vyos-1x.postinst | 8 |
1 files changed, 0 insertions, 8 deletions
diff --git a/debian/vyos-1x.postinst b/debian/vyos-1x.postinst index 64c60a780..cd88cf60c 100644 --- a/debian/vyos-1x.postinst +++ b/debian/vyos-1x.postinst @@ -21,14 +21,6 @@ if ! grep -q '^openvpn' /etc/passwd; then adduser --quiet --firstuid 100 --system --group --shell /usr/sbin/nologin openvpn fi -# Enable 2FA/MFA support for SSH and local logins -for file in /etc/pam.d/sshd /etc/pam.d/login -do - PAM_CONFIG="# Check 2FA/MFA authentication token if enabled (per user)\nauth required pam_google_authenticator.so nullok forward_pass\n" - grep -qF -- "pam_google_authenticator.so" $file || \ - sed -i "/^# Standard Un\*x authentication\./i${PAM_CONFIG}" $file -done - # We need to have a group for RADIUS service users to use it inside PAM rules if ! grep -q '^radius' /etc/group; then addgroup --firstgid 1000 --quiet radius |