pam with mobile otp

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi there,

as there is no mailing list devoted to the mobile one-time-password
package, I have thought it was good to post my questions here. /

I get

   pam_mobile_otp[23810]: passcode not accepted

messages in /var/log/messages, but that is all. Even I set max
maxdiff=36000 to auth, but to no avail.

I have set in /etc/pam.d/sshd the following:

auth       sufficient   /lib64/security/ not_set_pass
debug maxdiff=36000
password   required     /lib64/security/ debug
account    required     /lib64/security/ debug
#auth      required
#auth       substack     password-auth
#auth       include      postlogin
#account    required
#account    include      password-auth
#password   include      password-auth
## close should be the first session rule
#session    required close
#session    required
## open should only be followed by sessions to be
executed in the user context
#session    required open env_params
#session    optional force revoke
#session    include      password-auth
#session    include      postlogin

I have commented out all default settings as I wanted to experiment
with only mobile otp. Was it a mistake?

Otherwise, I followed the blog post and found that the epoch
difference between my mobile and the server is 11, which should be
acceptable even with the default time window.

So, anybody has a clue how to continue?

- Gergely

Re: pam with mobile otp

Quoted text here. Click to load it

Not quite what you asked for, but have you considered Google
Authenticator instead? /

Dag-Erling Smørgrav -

Re: pam with mobile otp

Quoted text here. Click to load it

Yes, I have considered, but they support only the smartphones, while
Mobile Otp works on any phone that runs the Java VM.

- Gergely

Site Timeline