#4315 Weird auth error when on full PAM conversation
Now this is weird.
I've enabled full PAM conversation because I use pam_google_authenticator in SSH and webmin pam.d.
Trying to login as root with the correct credentials and I get 'invalid username/password'.
I am not sure how to reproduce it. However, to fix it usually I restart webmin service.
auth.log:
webmin[8940]: Non-existent login as unknown from <ip>
webmin[8949]: Non-existent login as root from <ip>
webmin[8950]: Non-existent login as root from <ip>
webmin[8953]: Non-existent login as root from <ip>
webmin[8955]: Non-existent login as root from <ip>
webmin[8957]: Non-existent login as unknown from <ip>
webmin[8959]: Non-existent login as root from <ip>
webmin[8963]: Non-existent login as root from <ip>
webmin[8969]: Non-existent login as root from <ip>
webmin[8839]: Timeout of PAM session for root</ip></ip></ip></ip></ip></ip></ip></ip></ip>
If you just want to add two-factor authentication to Webmin, this is actually built in as of the 1.660 release. See http://doxfer.webmin.com/Webmin/EnhancedAuthentication
Google authenticatior was already installed for SSHd and just a line inside pam.d/webmin is enough for using it with webmin. I don't see why using another entry in my auth application.
Something is wrong with full pam conversations.
When you have full PAM conversations enabled, now far does it get in the login process - does it actually prompt for the OTP code?
Sometimes no, sometimes yes and afterwards it says "Failed" with unknown login in the logs.
I'm having trouble figuring out why Webmin thinks the root user doesn't exist.
Does this still happen if you don't have two-factor authentication enabled in PAM for webmin (but still have "full PAM conversations" enabled) ?