RSS feed

Re: Support OTP

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: Support OTP

Arthur de Jong wrote:
> On Thu, 2019-03-07 at 11:22 -0500, Dave Macias wrote:
>> Any thoughts of including otp ?
> [...]
> The most common way of setting up two-factor authentication is by using
> PAM and have one module for validating the password and one for
> validating the OTP.

See also:                (SMS OTP to a phone)   (Lamport-style "something you 
have" OTPs)

I have used & can recommend otpw for SSHing from a facility where
wallets are allowed, but personal computers/phones are banned.

If you're interested in hardware, see also:

AFAICT Symas's approach happens in slapd, not PAM, so
1) I guess leverages LDAP replication to better keep many auth servers in 
sync?; and
2) talks to Google Authenticator, which is already used on "every" smartphone?
To unsubscribe send an email to or see