Skip to main content

Thread: HOTP authentication at log in question

-

does know if/how possible integrate hotp authentication gdm login manager?

want have ask password of account, prompt come asking code account.

know how set up, i'm know if modifying pam module requiring oath/hotp authentication make happen or if break system...and 1 thing don't want have fix.

your options are:

-- use dedicated module, either made others or made you. there appear exist implementations of one-time-password modules (see http://www.kernel.org/pub/linux/libs/pam/modules.html, section "one-time password authentication") managed reach 1 link; rest gave errors. 1 link saw claims module not production-grade yet.

-- use database user-otp pairs , pam_userdb module. example gmd (or gdm3) configuration file inside /etc/pam.d like:
code:
... previous entries  # standard unix password authenication @include common-auth auth    required    pam_userdb.so db=/path/database [... possibly other options; see http://www.kernel.org/pub/linux/libs...am_userdb.html details ]  ... next entries
you need use pam_exec module update database after succesful authentication (either before or after above line, depending on how populate database). see documentation of pam_exec module details: http://www.kernel.org/pub/linux/libs...-pam_exec.html. see pam page http://www.kernel.org/pub/linux/libs/pam/ further documentation links.

therefore, fisrt option has potential scrue things up. use immature or custom-made code. others; if misconfigure pam typically end-up locked out of system.

second option uses more standard , possibly better tested approach. need implement code populate , keep in sync database one-time passwords.

in case, since modifying files inside /etc/pam.d, relatively easy restore system, copying old versions (provided of course manage login system). if system in question local, 1 can boot rescue disk , restore old configuration back. if system remote, 1 must ensure root shell console remains open while testing new configuration, old configuration can restored right away.

there third option if interested in local logins only: instead of using hotp, use pamusb (that presence of usb dongle in addition password), features 1 time pad mechanism, not easy forge device serials. not same thing, works , may adequate security needs.


Forum The Ubuntu Forum Community Ubuntu Specialised Support Security [ubuntu] HOTP authentication at log in question


Ubuntu

Comments

Post a Comment

Popular posts from this blog

How to change text Component easybook reloaded *newbee* - Joomla! Forum - community, help and support

-
Image
hi all, i started building websites joomla not long ago, can use help.. for got problem guestbook. i have installed easybook. , running on following website http://odoorn321.nl/ (under gastenboek) i want change text: waardering website (is dutch valuate website) waardering. idea rid of word website, because have valuate vacation home, not website. i have made screenshot of text want change. where , how going find css file change text? your appreciated! thanks no one? Board index Joomla! Older Version Support Joomla! 2.5 General Questions/New to Joomla! 2.5
Read more

After Effect warning: A problem occurred when processing OpenGL commands

-
i have after effects cs6 in computer cs5.5 installed. 64bit windows 7 ultimate 20gb memory , 2 amd radeon hd 6900 series display adapters drivers updated hour ago (driver date 27.7.2012, version 8.982.0.0).   when trying use after ecffects, error message " after effect warning: problem occurred when processing opengl commands " when clicking composition window.   what done? not much, i'm afraid. need older graphics driver. other disable second card or play configuration. unfortunately not smart person decided cs6 no longer need manual opengl control user, there's no way suppress within program force-revert software-only modes in case of such issues...   mylenium More discussions in After Effects adobe
Read more

Preconditions Failed. - Joomla! Forum - community, help and support

-
hello! i'm having problem; every time click save&close button, or save button, or close button module; following message appears: "precondition failed the precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request." it happens modules. thanks in advance. problem description :: forum post assistant (v1.2.3) : 13th november 2012 wrote: can\'t save changes or close module. log/error message :: forum post assistant (v1.2.3) : 13th november 2012 wrote: precondition failed precondition on request url /administrator/index.php evaluated false. additionally, 404 not found error encountered while trying use errordocument handle request. last php error(s) reported :: forum post assistant (v1.2.3) : 13th november 2012 wrote: [04-mar-2012 01:25:56] php fatal error: call member function get() on non-object in /home/joommmy1/addon/youngstaer/sub/teenace/public_html/templates/...
Read more