Man page - pam_barada(8)

Packages contains this manual

Package:  libpam-barada
apt-get install libpam-barada

Manuals in package:
• barada-add(8)
• pam_barada(8)
Documentations in package:
• libpam-barada

Manual

PAM_BARADA

NAME
SYNOPSIS
DESCRIPTION
MODULE TYPES PROVIDED
EXAMPLES
SEE ALSO

---

NAME

pam_barada - PAM module to allow HOTP authentication

SYNOPSIS

pam_barada.so

DESCRIPTION

This PAM module is designed to provide two-factor authentication support, based on an algorithm outlined in RFC 4226 known as HOTP.

And that’s why this exists. It’s an implementation of the HOTP protocol in the form of a PAM module. Basically, in addition to a normal password, users are also assigned a 128 bit key and arbitrary-length PIN number. Every time you’d like to login using a OTP, you calculate a secure hash based on your assigned PIN and an increasing counter, the result of which is a six character one time password.

While this module could be used in conjunction with many different client devices, it was written specifically with Android devices in mind. There is companion software which runs on Android, so that your phone essentially becomes a SecureID token. All you need to do is open up the software, type in your PIN, and you get back a 6-character number that you can use to login to your system.

MODULE TYPES PROVIDED

Only the auth type is provided.

EXAMPLES

Add the following line to /etc/pam.d/login to HOTP style login:

auth sufficient pam_barada.so

SEE ALSO

barada-add (8), pam.conf (5)
RFC 4226 - HOTP: An HMAC-Based One-Time Password Algorithm

http://www.rfc-editor.org/rfc/rfc4226.txt

---