GitHub - nevins-b/pam_totp: a fork of pam_url to work as a two factor solution for totp-cgi

nevins-b / pam_totp Public

Notifications You must be signed in to change notification settings
Fork 2
Star 6

a fork of pam_url to work as a two factor solution for totp-cgi

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 22 Commits
examples		examples
tests		tests
.gitignore		.gitignore
AUTHOR		AUTHOR
COPYING		COPYING
INSTALL		INSTALL
Makefile		Makefile
README		README
pam_totp.c		pam_totp.c
pam_totp.h		pam_totp.h
pam_totp.spec		pam_totp.spec
pam_totp_authenticate.c		pam_totp_authenticate.c

Repository files navigation

pam_totp - Centralized two-factor authentication compatable with Google Authenticator.

This software is opensource software licensed under the GNU Public License version 2.
This software is based on the pam_url module originally created bySascha Thomas Spreitzer <sspreitzer (at) fedoraproject.org>.
http://spreitzer.name/
https://fedoraproject.org/wiki/User:Sspreitzer

USE THIS SOFTWARE WITH ABSOLUTELY NO GUARANTEE AND WARRANTY


/etc/pam.d/sshd or /etc/pam.d/system-auth:

[...]
auth required pam_totp.so [debug] [use_authtok] [config=/etc/pam_totp.conf]
[...]

This line forms the following url encoded POST data:
user=<username>&passwd=<pass>&hostname=<hostname>
It should return either 200 OK with PSK in the body or 400 Bad Request if unsuccessful.

[Features]
- Google Authenticator compatable OTP authentication
- Inline provisiong for new users

[TODO]
- Code audit