Hello! I tried oath-toolkit last week, got it working and found some issues that I would like to share.

I was interested in running my services, like remote login with ssh, with two-factor authentication, with OTP first, and then normal password. Installing in Ubuntu 13.4 was straightforward, thank you for the packages. I did not try to build from source. On a second machine I run Debian testing; installing libpam-oath and oathtools pulls in liboath0. Maybe libpam-oath should recommend or suggest oathtools, it comes in handy when testing the configuration.

The README in libpam-oath is the general oath-toolkit readme. The pam-oath README with instructions is missing. To get the pam module working, I followed the tutorial in pam-oath/README from the web page.

Some things I noticed:

* I ran the examples with my system /etc/pam.d/su, adding the config lines just at the beginning of the file. This gave me instant two-factor authentication: first OTP, then standard password.

* In the section "Configuration", one line for testing plain HOTP reads:

  > So let's test this by running su. At the prompt, you type the
  > password (in this example, "pw") concatenated with the OTP (in this
  > example, "328482").

  This worked for me without the password "pw", which is only demonstrated in the next section. I guess this should be only the OTP.

* In the section "Two-factor authentication" an OTP with password is demonstrated. This worked for me, but no hint is given how to generate more of them. Moreover I wonder if this is supported by any other tools for HOTP.

* I tried to get TOTP working, which is what I intended to use. No help in the docs how to do this. I read up a little code, and found some hints how this could be done. I ended up using

      HOTP/T30/6 root - "MYKEYINHEX"

  This was surprising for me, as I would at least have expected the line to start with "TOTP". Most important, it's not documented, which is a pity.

  <rant>I like Open Source for the possibility to look things up in the code, but I do not like it if the code is the only source to fill gaps in the documentation :-) Moreover code and/or comments in code are no replacement for proper specification, technical and user documentation.</rant>

  ** I'd find it more intuitive to start TOTP keys with TOTP instead of HOTP. If a third authentication scheme is added, this issue would arise anyway.

* The next stumbling block was the difference between hex encoding and base32. Most tools for HOTP/TOTP I saw in the last days use base32. Getting a hex representation of the base32 key was difficult. Finally I found out that oathtool prints out both encodings in verbose output. But first I had to find out that the key in /etc/users.oath has to be in hex encoding, which was not documented. What I would have been happy about:

  ** documentation about the fields in users.oath, possible values and encodings
  ** a possibility to state the key in base32 in /etc/users.oath
  ** an option in oathtool that converts both ways between base32 and hex

  Finally, this worked with Java TOTP ME 1.6 on my phone, which is what I wanted to get running.

Some more things that caught my attention:

* /etc/users.oath is changed by libpam-oath. I think this is not good. According to FHS 2.3 [1] files in /etc should be static. I noticed that entries for the counter, last value and last login are stored in the file. For sure this is necessary for running the authentication, at least the counter. What are pros and cons to store variable data in /var/lib?

* The counter, OTP and timestamp of the last code are stored in /etc/users.oath. The timestamp of the last login is printed when debug is set in pam configuration. It would be nice to get the counter and/or the last login timestamp when logging in to check if unnoticed logins have happened.

* Having passwords/keys in plaintext in a config file is not improving my trust in security of this authentication scheme. I think this was discussed on the mailing list before, still reading up. Any news on this issue?

* Having to change a line for every key for every user that changed her key is not going to make libpam-oath very popular. Some tool like passwd would be nice. To handle more keys per user a key ID would be necessary. Any plans? I guess "Code is welcome"...

One thing that also works like a charm: I configured two OTPs for root: one TOTP and one HOTP. I'd use TOTP usually, but when I cannot create a time based OTP I'd use a HOTP from my OTP list. This even worked for the same number of digits if no digits constraint is configured. Of course I would not use 6 digit HOTP when I use 6 digit TOTP.

I would file the issues as bugs and provide patches (especially documentation), just wanted to report how it worked for me first.

Regards
Patrick

[1] http://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html#PURPOSE6

--
Engineers motto: cheap, good, fast - choose any two
Patrick Strasser <patrick dot wirklich dot priv dot at>
PGP Key ID: 0x5A120903
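The post above raises three points that are easier to see in working code than in prose: that a users.oath line written as HOTP/T30/6 produces time-based codes because TOTP is just HOTP with the counter replaced by floor(time/30); that the key in the file must be hex while phone apps show base32; and that the HOTP counter has to be written back somewhere after every successful login or a captured code could be replayed. The following Python script is an added example written for this page, not code from the thread or from oath-toolkit; it uses only the standard library and the RFC 4226/6238 test secret "12345678901234567890" as a known vector. The look-ahead window size and the unquoted hex key in the generated users.oath line are assumptions for the sake of the example, not pam_oath's actual settings.

```python
import base64
import hashlib
import hmac
import struct

# RFC 4226 / RFC 6238 reference secret "12345678901234567890" in hex. It is a
# published test vector, not a key from the thread, and must never be used live.
RFC_SECRET_HEX = "3132333435363738393031323334353637383930"


def base32_to_hex(b32: str) -> str:
    """Convert a base32 key (what most phone apps display) to the hex
    encoding that /etc/users.oath expects, as described in the post."""
    s = b32.replace(" ", "").strip().upper()
    s += "=" * (-len(s) % 8)          # restore padding that apps usually strip
    return base64.b32decode(s).hex()


def hex_to_base32(hexkey: str) -> str:
    """Reverse direction: a hex key from users.oath for a base32-only app."""
    return base64.b32encode(bytes.fromhex(hexkey)).decode().rstrip("=")


def hotp(hexkey: str, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, dynamic
    truncation to 31 bits, then the low `digits` decimal digits."""
    key = bytes.fromhex(hexkey)
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(hexkey: str, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238) is HOTP with the counter set to floor(time / step).
    This is why a line written as HOTP/T30/6 yields time-based codes."""
    return hotp(hexkey, unix_time // step, digits)


def verify_hotp(hexkey: str, next_counter: int, candidate: str,
                window: int = 10, digits: int = 6):
    """Accept an HOTP code if it matches one of the next `window` counters.
    Returns the counter value to persist for the next login, or None.
    The caller must store the returned value: without that write-back a
    captured code could be replayed, which is why pam_oath updates the
    counter in users.oath (the /etc vs /var/lib question in the post).
    The window of 10 is an assumption for this example."""
    for c in range(next_counter, next_counter + window):
        if hmac.compare_digest(hotp(hexkey, c, digits), candidate):
            return c + 1
    return None


def users_oath_line(scheme: str, user: str, hexkey: str, pin: str = "-") -> str:
    """Build an entry in the field order the post shows (scheme, user,
    PIN or '-', key). Writing the hex key unquoted is an assumption."""
    return f"{scheme} {user} {pin} {hexkey}"


if __name__ == "__main__":
    b32 = hex_to_base32(RFC_SECRET_HEX)
    print("base32:", b32, "-> hex:", base32_to_hex(b32))
    print("HOTP, counter 0:", hotp(RFC_SECRET_HEX, 0))
    print("TOTP at t=59   :", totp(RFC_SECRET_HEX, 59))
    print("users.oath line:", users_oath_line("HOTP/T30/6", "root", RFC_SECRET_HEX))
    print("verify 755224 from counter 0 ->", verify_hotp(RFC_SECRET_HEX, 0, "755224"))
    print("replay 755224 from counter 1 ->", verify_hotp(RFC_SECRET_HEX, 1, "755224"))
```

The RFC vectors make the script self-checking: counter 0 must give 755224 and counter 1 must give 287082, and a TOTP at Unix time 59 with a 30-second step must equal the counter-1 HOTP. The replay line at the end shows the property the counter persistence protects: once counter 0 has been consumed and the stored value advanced to 1, the same code is rejected.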
