>We use TOTP. That allows us to tack the token on the end of the
>password. That makes it easy to fix programs that expect a simple
>password prompt.
>
>In fact I have a wrapper that can be interposed around pretty much
>anything use LD_PRELOAD.
>[...]
Well, that answers PART of my question. And
I’m not using that code now. When using it for real I would generate a special
key tab with a user that had no permissions to do anything or use the host key
tab depending upon the application.
Our staff and a few users have TOTP set for their account, so it has to work
for everything. Logins u
We use TOTP. That allows us to tack the token on the end of the password. That
makes it easy to fix programs that expect a simple password prompt.
In fact I have a wrapper that can be interposed around pretty much anything use
LD_PRELOAD.
https://github.com/clhedrick/kerberos/blob/master/radius