PAM + OTP

Please review 2fa recipe - http://ocserv.gitlab.io/www/recipes-ocserv-2fa.html

In my case on CentOS 8

/etc/pam.d/ocserv:

auth requisite pam_oath.so debug usersfile=/etc/users.oath window=20

completely ignoring and Cisco AnyConnect client just asking for a password and provide access.

# ocserv -version
ocserv 0.12.6

Compiled with: seccomp, oath, radius, gssapi, PAM, PKCS#11, AnyConnect
GnuTLS version: 3.6.8

P.S. PAM authentication works perfectly with local and MS AD (sssd) accounts.