Hi Simon,
That sounds brilliant, thanks so much! I will get testing as soon as possible and come back to you with any feedback. As a side note, I understand how you feel about the userfile concept, but I think for a lot of smaller/personal setups it might make more sense than having to implement something heavyweight like LDAP or a database (unless it was something like sqlite, I guess) to maintain state. Personally, I have pam_oath working on one machine as a test -- soon to be 4-6 others if the multiple-tokens thing works! ;-) -- and I couldn't be happier with how the whole thing is architected. Thanks again! -- Tim On 2012-06-17 00:06, Simon Josefsson wrote: > Tim, Fredrik, > > Please try 1.12.4 which should support multiple lines with different > OATH secrets for a particular user. So for example consider if you have > two devices with different secrest and you want both to permit access, > then you would have two different lines in the usersfile like this: > > HOTP/E user - 333333 > HOTP/E user - 444444 > > State should be kept per-device on each line. > > The implementation uses my first idea, which isn't completely rock > solid, but neither is the entire usersfile concept. It is a > quick'n'dirty solution that works in smaller environments. > > I'd be very interested in hearing whether you managed to get it to work > or not! I have not tested it alot yet. I'll delay uploading this > version to Debian for a while, to avoid unnecessarily uploads in case I > made a mistake. > > /Simon
