How can I add custom two-factor authentication with C++, Pam & Ubuntu?
I am looking to add my own 2-factor authentication to my ubuntu linux server with c++. I am going to have my asterisk box call my cell phone with a unique 开发者_如何学CID, which must be entered at the linux login prompt, before or after a password, with (or) without a certificate - depending on how I configure it. Either way, I'd like this extra entry step as a part of the login.
Should I use PAM for this? If so, can someone point me to a sample of extra input w/Pam and login?
Duo's (my employer) two-factor auth is free for up to 10 users, or for any open-source project. It includes a utility which can add secondary authentication to SSH logins, as well as a C API and PAM support.
http://blog.duosecurity.com/2011/04/announcing-duos-two-factor-authentication-for-unix/
I would take a look at Moxie Marlinspike's Barada, which uses an Android application and a PAM module for two-factor auth using HOTP. Barada's PAM module source might prove useful for you.
I've written a c++ application to change the password of accounts listed in a MySQL database to be "Pin Number" + OpenSSL Library's RNG to create a 8 letter password - it combines them and forces a password change every 60 seconds.
精彩评论