Frank Groeneveld <[email protected]> writes: > Hello all, > > I'm thinking about switching to HOTP authentication for our company > servers. However, when using two-factor authentication, the passwords > is in plain text in /etc/users.oath. Is it possible to used hashed > passwords there as well?
Hi Frank. No, it is not possible right now. Ideally, I think the proper way to do this is to let pam_oath take care of validating the OATH OTP part only, and let another PAM module take care of validating the password. I'm just waiting for someone to ask about storing passwords in LDAP.... that would also ideally best be taken care of by another PAM module and some fancy PAM configuration. If someone has any ideas on how this would work, please share them. /Simon
