| From: | Nima Azizzadeh <n(dot)azizzadeh(at)gmail(dot)com> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Two factor authentication role with password and USB Device for PostgreSQL server |
| Date: | 2015-08-16 12:06:29 |
| Message-ID: | CAGVXaca1WnDyJopYLqw2gc+QOzBip7xPt44n9o4Mk5WRg9hUuA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
I'm going to setup 2 factor authentication for my database server. I'm
using PostgreSQL 9.4 DBMS on Ubuntu 14.10. I need to force two
authentication methods for my database server. The authentication can use
password and USB device methods. I already installed pamusb pakages :
sudo apt-get install pamusb-tools libpam-usb
Although I can add devices on my pamusb config file :
pamusb-conf --add-device MyDevice
I should define pamusb users and authentication methods. I added this lines
to pamusb config between <users> tags :
<user id="postgres"> <device>MyDevice</device> </user>
I also create new pam module in \etc\pam.d directory with the name "mypam" :
auth required pam_usb.so
auth include password-auth
account include password-auth
and I edited Postgresql pg_hba.conf file:
local all all pam mypam
host all all 127.0.0.1/32 pam mypam
host all all ::1/128 pam mypam
but it doesn't work, can you please help me on this?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mohamed MANSOUR | 2015-08-17 08:42:52 | Restore and Backup PG8.4 tp 9.4 |
| Previous Message | Tom Lane | 2015-08-15 18:34:16 | Re: postgres_fdw error |