Running on an alpine docker image an SSH server. Starting the server I get the message:
/etc/ssh/sshd_config line 24: Unsupported option UsePAM
AFAIK UsePAM option has been supported for many years into OpenSSH.
I'm running
OpenSSH_8.1p1, OpenSSL 1.1.1d 10 Sep 2019
Is it deprecated now?
Missed this alpine package:
openssh-server-pam
Installing it, works and PAM is now supported.
To add to your answer:
As noted in Two Factor Authentication With OpenSSH google-authenticator requires openssh-server-pam, as you mention.
One thing that is missed in the tutorials depending on how it was set up was the use of the community repository to solve a common problem with this package installation:
ERROR: unsatisfiable constraints:
google-authenticator (missing):
required by: world[google-authenticator]
To set up the repository(ies) to do this correctly, go into
/etc/apk/repositories and uncomment the community version of the repository line you are using:
https://<some_mirror>/<ver>/main
https://<some_mirror>/<ver>/community
Then, a
apk add google-authenticator openssh-server-pam
should work.
EDIT: As of at least Alpine3.X, you should also install libqrencode, via
apk add libqrencode
google-authenticate uses this to generate a scan-able QR code so that you don't have to do the manual entry. It will fail gracefully if this is not installed, however it does make things easier.
