Difference between revisions of "FreeOTP"

From Pabut
Jump to navigation Jump to search
 
(5 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
** [https://itunes.apple.com/us/app/freeotp-authenticator/id872559395?mt=8 APPLE IOS] ([https://github.com/freeotp/freeotp-ios source])
 
** [https://itunes.apple.com/us/app/freeotp-authenticator/id872559395?mt=8 APPLE IOS] ([https://github.com/freeotp/freeotp-ios source])
 
** [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp ANDROID] ([https://github.com/freeotp/freeotp-android source])
 
** [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp ANDROID] ([https://github.com/freeotp/freeotp-android source])
 +
 +
 
* Install oathtool
 
* Install oathtool
 
  sudo apt-get install oathtool
 
  sudo apt-get install oathtool
 
* generate a random key
 
* generate a random key
  roschews@runner:~$ head -10 /dev/urandom | md5sum
+
  freddy@runner:~$ head -10 /dev/urandom | md5sum
 
  5f0b169ad85959ddacc7fc1c28804ef9  -
 
  5f0b169ad85959ddacc7fc1c28804ef9  -
 +
'''''WARNING: Generate your own KEY do not use this example!!'''''
 +
 
* Run oathtool to get the base32 version of the key
 
* Run oathtool to get the base32 version of the key
  roschews@runner:~$ oathtool --totp --verbose 5f0b169ad85959ddacc7fc1c28804ef9
+
  freddy@runner:~$ oathtool --totp --verbose 5f0b169ad85959ddacc7fc1c28804ef9
 
  Hex secret: 5f0b169ad85959ddacc7fc1c28804ef9
 
  Hex secret: 5f0b169ad85959ddacc7fc1c28804ef9
 
  Base32 secret: L4FRNGWYLFM53LGH7QOCRACO7E======
 
  Base32 secret: L4FRNGWYLFM53LGH7QOCRACO7E======
Line 19: Line 23:
 
   
 
   
 
  125184
 
  125184
* go to [https://freeotp.github.io/qrcode.html https://freeotp.github.io/qrcode.html] to create a QR code to load into the app
+
* go to [https://freeotp.github.io/qrcode.html https://freeotp.github.io/qrcode.html] to create a QR code to load into the app (you could type the base32 key into the app directly but you'll never get it right). Put the "Base32 secret" from above into the fourth box. Ignore the "=" signs.
 +
[[File:Freeotp-example.png]]
 +
* open the app and scan the QRcode on the screen
 +
 
 +
That's just about it .... if you run "oathtool --totp 5f0b169ad85959ddacc7fc1c28804ef9" on the server, assuming you're closks are sync'd, it should match the numbers in the FreeOTP app.
 +
 
 +
Next step is to integrate that into LINUX PAM, using libpam-oath, or into your application using the other oath libraries out there.
 +
 
 +
* Other handy tools for debugging:
 +
** [https://cryptii.com/pipes/base32-to-hex https://cryptii.com/pipes/base32-to-hex] base32 to hex encode / decode

Latest revision as of 15:11, 4 September 2019


  • Install oathtool
sudo apt-get install oathtool
  • generate a random key
freddy@runner:~$ head -10 /dev/urandom | md5sum
5f0b169ad85959ddacc7fc1c28804ef9  -

WARNING: Generate your own KEY do not use this example!!

  • Run oathtool to get the base32 version of the key
freddy@runner:~$ oathtool --totp --verbose 5f0b169ad85959ddacc7fc1c28804ef9
Hex secret: 5f0b169ad85959ddacc7fc1c28804ef9
Base32 secret: L4FRNGWYLFM53LGH7QOCRACO7E======
Digits: 6
Window size: 0
Step size (seconds): 30
Start time: 1970-01-01 00:00:00 UTC (0)
Current time: 2019-09-04 15:24:00 UTC (1567610640)
Counter: 0x31D53F8 (52253688)

125184
  • go to https://freeotp.github.io/qrcode.html to create a QR code to load into the app (you could type the base32 key into the app directly but you'll never get it right). Put the "Base32 secret" from above into the fourth box. Ignore the "=" signs.

Freeotp-example.png

  • open the app and scan the QRcode on the screen

That's just about it .... if you run "oathtool --totp 5f0b169ad85959ddacc7fc1c28804ef9" on the server, assuming you're closks are sync'd, it should match the numbers in the FreeOTP app.

Next step is to integrate that into LINUX PAM, using libpam-oath, or into your application using the other oath libraries out there.