PAM with OTP

Cornelius Kölbel cornelius.koelbel at
Fri Aug 23 04:08:31 EDT 2013

Dear list members,

I guess this one goes to Russ Allbery. I configured OTPOverRadius and on
a client machine pam_krb using anonymous PKINT to get an armor ticket
for my OTP authentication.

pam = {
   minimum_uid = 1000
   anon_fast = true

pam_krb5 seems to come as first auth module in my pam stack, but I am
always asked for a password (where I can enter anything) and only then I
am asked for "Enter OTP Token Value".
How can I get rid of the first password prompt?

Thanks a lot

Cornelius Kölbel
(Head of Product Management)
LSE Leading Security Experts GmbH, Postfach 100121, 64201 Darmstadt
Tel: +49 6151 86086-252, Fax: -299, Mobil: +49 160 96307089
Unternehmenssitz: Weiterstadt, Amtsgericht Darmstadt: HRB8649
Geschaeftsfuehrer: Oliver Michel, Sven Walther, Dr. Peter Schill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
Url :

More information about the krbdev mailing list