A PAM architecture that requests multiple passwords for authentication

[Orontin]

Sorry in advance for my English.

Hello everyone. I couldn't find the answer to my question in discussions or on the internet. That's why I'm asking it here. I hope to find an answer..

1. I have xrdp 0.10.0 on the server and client
2. We also have an authentication architecture of 2-3 or more factors configured on the server.

When I try to authenticate as a user, I can only pass the password.

Is it possible to communicate by responding to PAM server requests from the client?

I would like the following:

1. to receive a request from the server that started PAM
2. see the text on the client of this request
3. respond to this request

It is necessary for me to communicate, and not to build a logic of answers in advance. Since in fact, both authentication success and error, as well as a request for an additional factor, can come to the same event.

Is it possible?

[matt335672]

Hi @Orontin

No need to apologise for your English at all - it seems fine to me.

At the moment this isn't possible. We've made changes to enable it in the future (see #1959 and #1684)

We do support 2FA using TOTP at present. See this link::-

https://github.com/neutrinolabs/xrdp/wiki/Using-Authy-or-Google-Authenticator-for-2FA-with-XRDP

[Orontin]

@matt335672 Hello, it's a pity, but there's nothing we can do, we'll wait.