Vault OTP SSH authorization problem

Good time. I have configuration for vault-ssh-helper and vault server. Want to connect remote host using otp. OTP is successfully generated and comand vault-ssh-helper -verify-only -config /etc/vault-ssh-helper.d/config.hcl -dev gave positive answer. But trying to connect remote hoost I had this in logs
2022/07/18 13:04:58 [INFO] using SSH mount point: ssh
2022/07/18 13:04:58 [INFO] using namespace:
2022/07/18 13:04:58 [ERROR]: uuid is improperly formatted

If I added a concrete user (such as test) I get this response

2022/07/18 12:56:39 ==> WARNING: Dev mode is enabled!

2022/07/18 12:56:39 [INFO] using SSH mount point: ssh

2022/07/18 12:56:39 [INFO] using namespace:

2022/07/18 12:56:39 [ERROR]: uuid string is wrong length
And besides I have this problem both on centos 7 and ubuntu 20.04

Please help…

What version of Vault are you running.

Can you verify the otp with:

curl -X POST -H "X-Vault-Token:$(vault print token)" http://vault:8200/v1/ssh/verify -d '{"otp":"<otp key>"}' 

Good morning? glad that you are starting to help me.
Vault v1.9.4+yckms my vault version
I am using on YandexCloud instance

Please gave concrete example of this «curl -X POST -H “X-Vault-Token:$(vault print token)” http://vault:8200/v1/ssh/verify -d ‘{“otp”:“”}’ » comand, I’ve just started to learn Vault (powerfull product) and not good use all commands

Oh, I did it

So the vault portion is working fine, it sounds like the SSH setup on the host you’re trying to connect to is the issue. Can you go through the steps again to verify that SSH is setup and has the vault key installed?

This is my vault-ssh-helper configs


Seems to be no problems….

This is my /etc/pam.d/sshd may be there is something wrong….I did many manipulations because didn’t understand there is fault. Please help to solve.

trying to connect….and ….

Vault-ssh-helper log……

User is added……

I also think so, pleace give the working examle of pam.d/sshd file and sshd_config file

@Sarevok933219 this isn’t Hashicorp support. This is a community board were we help each other. I don’t have a working example at hand.

Ok, thanks, may be You look at my config files with a have send in screenshot and tell me there is fault? Or You can share it with men who have a lot of experience and they tell the truth…