Hi,
>> I think the idea of bringing OTP to busybox is really >> great. It would certainly be useful in our projects. > > I'm scratching my own itch there :-) Keep scratching, it is looking good... > It will allow me to run telnetd again on my DSL modem and also use > shellinabox from "not-so-friendly" computers. > >> 2) Would it be possible to leave the 2:nd channel (delivery of the pin) >> to a separate user supplied script? In that case it would be simple for >> the admin to setup the delivery as desired by eg. a simple shell script, >> SMS, HTTP(S), netcat magic, SMTP, etc.? This would be a very simple, >> and yet flexible and powerful approach. > > It is an excellent idea to give flexibility. > > It should be possible to define which application will be run to > present the pin to the user - possibily in the same file where the > shared secrets are stored, so that each user can have its own delivery > (email for someone, web-sms gateway for someone else, etc.). > > Example : /etc/otp > $USER:$SHAREDSECRET:$DELIVERY > > $DELIVERY would simply be the path to a script, with say $1 as the pin > to deliver and $2 as the user to deliver it to to offer flexibility. Seems like a good, simple and flexible "interface" between the core OTP and the delivery script/app. > The file would be optional (if delivery is not defined, simply display > the pin within login by default) - along with a default shared secret, > randomly generated at compile-time . The default may also apply if the user is not found in the file. > At the moment I'm working with Dragonfly DMA, to allow delivery by > email (it's a very small SMTPD implementation that would be great in > busybox). You may be interested in checking out DMA. Neat! /Sven _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
