Am Sat, 7 Nov 2015 20:53:38 +0100 schrieb Dieter Klünter <[email protected]>:
> Am Sat, 7 Nov 2015 14:33:22 +0100 > schrieb Michael Ströder <[email protected]>: > > > Dieter Klünter wrote: > > > 6. added credentials by ldappasswd > > > userPassword:: > > > e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09 > > > > I have not really tried the module myself yet but I note that the > > key is actually 21 bytes long (see below). Shouldn't that be 20 > > bytes? > > > > Ciao, Michael. > > > > Python 2.7.10 (default, May 24 2015, 14:46:10) [GCC] on linux2 > > >>> 'e1RPVFAxfU5CVUVJNktFSk1ZRENOQlRHSTJUTVFLQ0lOQ0E9PT09'.decode('base64') > > '{TOTP1}NBUEI6KEJMYDCNBTGI2TMQKCINCA====' > > >>> s='NBUEI6KEJMYDCNBTGI2TMQKCINCA===='.decode('base64') > > >>> len(s) > > 21 > > The TOTP1 string is base32 encoded, not base64. > With regard to length, this might be a bug in google Authenticator, as > it would not accept a credential string shorter than mine. Just for the records: the pw-totp has not a bug. The so called SMART devices are not smart at all. I expected them to convert user password to a base32 string, which they don't. To produce a totp numberstring, the valid base32 string has to be entered to the smart device application. I have successfully tested it with google authenticator, Sophos authenticator and FreeOTP. -Dieter -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
