when using pam_yubico.so for authentication in /etc/pam.d/sudo the sudo process hangs indefinitely and cant be killed or ctrl+c. The system has to be booted to clear the state. I have reproduced this on serveral systems physical and virtual on 12.0-RELEASE as well as 12.1-RELEASE p1-4. There is no output or logs that I have found the process just blocks forever.
FWIW you can kill it by changing terminals
( CTRL+ALT+F<num> ) and login as someone in the
wheel group and perform a ps waux | grep sudo
which should provide a pid number you HUP as in
kill -HUP <pid number>
or perhaps even killall sudo might work.
A PITA, but probably better than bouncing your box. :)
While this won't fix your issue. I just thought it
might help in the interim. :)
(In reply to Chris Hutchinson from comment #1)
I tried kill -9 on it but it never dies. I did not try kill -HUP.
issue still seems to exist on 12.1-RELEASE-p8. Sudo with yubikey enabled hangs indefinitely and the processes dont respond to kills
I updated to 12.2 p4 and still have the same issue; after running sudo -i the sudo command hangs indefinitely, with one minor difference. Now if I kill the sudo process from another terminal and immediately run sudo again I do get a valid shell without the hang. I put the pam_yubico module in debug mode and see that it is indeed getting a success and finishing the module. If I add the pam_unix module after the pam_yubico module the pam_unix module does ask for a password. After getting past the yubico module and entering the password requested by the pam_unix module it still hangs indefinitely.