Hello Michal,
you are given a lot RADIUS configuration, but did you take a look at the
RADIUS log?!
The log from the privacyIDEA tells, that you obviously have attached the
TOTP token the this client machine with the SSH application.
You do not need to do this - or you must not do this.
The "normal" TOTP token does not need to be attached.
1. verify normal authentication (e.g. REST API)
-> take a look at privacyIDEA log
2. verify RADIUS authentication (WITHOUT SSH!) e.g. radlicnt
-> take a loot at RADIUS log
3. If this is all working right, you can check SSH.
-> take a look at PAM log
This is the recommended way to narrow down a problem. ,-)
Kind regards
Cornelius
> --
> Please read the blog post about getting help
>
https://www.privacyidea.org/getting-help/.
>
> For professional services and consultancy regarding two factor
> authentication please visit
>
https://netknights.it/en/leistungen/one-time-services/
>
> In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
> which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
>
https://netknights.it/en/leistungen/service-level-agreements/
> ---
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to
privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> Visit this group at
https://groups.google.com/group/privacyidea.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/af8b4842-a577-4a1f-aa88-3e0d2ee63484%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel:
+49 561 3166797, Fax:
+49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel