GIT – The Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH) (which is unrelated to OAuth).

These implementations support the HMAC-Based One-time (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

Here is how to the Google 2 factor application for pam

yum install gcc gcc++ make python python-devel git pam-devel
cd /tmp
git clone https://code.google.com/p/google-authenticator/
cd google-authenticator/libpam
make
make install

To enable ssh 2 factor:

sed -i '1 a\ auth required pam_google_authenticator.so' /etc/pam.d/sshd

Make sure that challenge response is listed as YES in your SSHD config

...
ChallengeResponseAuthentication yes

Login as the user you want to protect and run:

google-authenticator
Print Friendly

Comments

comments

Bài viết liên quan