YetAnotherPersonalHomepage

Sun 9 Jan 2005

Set up OTP on Debian in minutes

Posted by Ross under Technical

As root install the packages:

  apt-get install libpam-opie opie-server opie-client

My systems only permit ssh, so I ignore the other services. Enable it by editing /etc/pam.d/ssh. Comment out the inclusion of common-auth and add the lines so the file reads:

  #@include common-auth
  auth    sufficient      pam_opie.so
  auth    sufficient      pam_unix.so nullok_secure
  auth    require         pam_deny.so

It might be incovenient but you can enable it globally by editing /etc/pam.d/common-auth:

  #auth    required        pam_unix.so nullok_secure. 
  auth    sufficient      pam_opie.so
  auth    sufficient      pam_unix.so nullok_secure
  auth    require         pam_deny.so

Enable it for the non-root account, by running on a secure console:

  opiepasswd -c

That’s it, you’re done! On your next attempt to log in with ssh you should see similar to:

  $ ssh myhost.example.com
  otp-md5 495 wi01309 ext, Response:

You must be logged in to post a comment.

YetAnotherPersonalHomepage is proudly powered by WordPress
Entries (RSS) and Comments (RSS).
Original theme design by www.vanillamist.com.

Creative Commons Attribution-ShareAlike 3.0 United States

Set up OTP on Debian in minutes

Leave a Reply

Archived Entry