Yes of course. Authentication succeeded when no password was given, unless use_first_pass was being used. This is fatal if pam_yubico is considered 'sufficient' in the PAM configuration.
Use the configuration for pam_yubico below for su, for example: auth sufficient pam_yubico.so id=1 debug authfile=/etc/yubikey_whatever_u_have When doing "su -" and prompts for "Yubikey for 'root'" just press Ctrl-D. Cheers, Chris. > ]] "Nanakos V. Chrysostomos" > > (please follow normal mailing list conventions and quote properly.) > > Hi, > > | I agree that the change is not Copyrightable. The bug > | is there and its easyli reproducable. > > If it is so easily reproducible you should improve the description. I > can't reproduce it by using pam_yubico with login and just pressing C-d > for my password, at least. > > -- > Tollef Fog Heen > UNIX is user friendly, it's just picky about who its friends are > > > -- > To UNSUBSCRIBE, email to [email protected] > with a subject of "unsubscribe". Trouble? Contact > [email protected] > Archive: > http://lists.debian.org/[email protected] > > -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
