[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OATH-Toolkit-help] Hashed passwords in /etc/users.oath

From: Simon Josefsson
Subject: Re: [OATH-Toolkit-help] Hashed passwords in /etc/users.oath
Date: Tue, 03 Jan 2012 20:05:33 +0100
User-agent: Gnus/5.110018 (No Gnus v0.18) Emacs/24.0.92 (gnu/linux)

Frank Groeneveld <address@hidden> writes:

> Hello all,
> I'm thinking about switching to HOTP authentication for our company
> servers. However, when using two-factor authentication, the passwords
> is in plain text in /etc/users.oath. Is it possible to used hashed
> passwords there as well?

Hi Frank.  No, it is not possible right now.

Ideally, I think the proper way to do this is to let pam_oath take care
of validating the OATH OTP part only, and let another PAM module take
care of validating the password.  I'm just waiting for someone to ask
about storing passwords in LDAP....  that would also ideally best be
taken care of by another PAM module and some fancy PAM configuration.

If someone has any ideas on how this would work, please share them.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]