Two factor authentication kde

Hi,

I have some problem. We need in company setup two factor for authentication. We using the KDE (we must for some program). I configurate the pam_yubico and evrything is ok. We used yubikey4. In text mod is funcion perfect. Just login:user and next passwrod and next yubikey otp. But in the log screen is not funkcion. I enetr user and password and system give me text login failed.

I will not be prompted for otp. Neither is the system waiting for otp. The login failed immediately without waiting for the printout. Doesn’t know what to do with it?

Thank you

Sounds like you’re not set up properly.
Skimming the Yubikey documentation, I see doucmentation that describes how to set up OTP, and I see documentation for setting up 2 factor authentication when using applications like a web browser or SSH, but unless I just missed it, I don’t see any documentation for 2 factor authentication used for system login… Unless you might consider storing your login credentials on your Yubikey with something like Keepass… In that case, you’d indeed “have your thing” (the Yubikey) and “what you know” (a password).

It also looks like you can set up OTP but at least 2 different ways, storing the keys on your Yubikey or a Yubikey Server.

Bottom line,
There seems to be a lot more you have to describe about your setup or if you even followed proper setup instructions for what you’re trying to do… With so many choices you have to be very clear what you’re doing.

Some info…
The Linux setup link… leads to a video you should view carefully because the video only describes the Quick setup storing keys on the Server
https://www.yubico.com/works-with-yubikey/catalog/linux/

Th general setup page for 2 factor authentication, but as I described may not apply to what you’re trying to do
https://developers.yubico.com/yubico-pam/Two_Factor_PAM_Configuration.html

The ArchLinux page for Yubikey. I frequently use ArchLinux articles to supplement official documentation to clarify and re-explain, sometimes to fill in gaps and often includes some troubleshooting. In this case, I wonder if you should look at teh Keepass section, maybe store a OTP that way on the stick. But, you can make your own decision on that.
https://wiki.archlinux.org/index.php/YubiKey

And, as might be expected if your problem is a matter of making correct choices for your setup and not something specific to openSUSE, Yubikey support is probably your best option.

HTH,
TSU