Package: libpam-oath Version: 2.4.1-1 Severity: wishlist Since only root can (and should) update /etc/users.oath, it's pretty inconvenient to deploy pam-oath in any environment, as it automatically kicks out any user using password authentication.
It would be good if there was an option in the pam module that would allow authentication to succeed if the user is *not* present in the users file. Thanks! -- System Information: Debian Release: 8.2 APT prefers stable APT policy: (500, 'stable'), (1, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_CA.UTF-8, LC_CTYPE=fr_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpam-oath depends on: ii libc6 2.19-18+deb8u1 ii liboath0 2.4.1-1 ii libpam-runtime 1.1.8-3.1 ii libpam0g 1.1.8-3.1 libpam-oath recommends no packages. libpam-oath suggests no packages. -- no debconf information