<< Back to part 2 <<
4. Install google authenticator PAM module
We need to install pam-devel package to rebuild the google lib PAM module.# yum install pam-devel
Follow up : http://code.google.com/p/google-authenticator/ to download libpam-google-authenticator source code.
# wget http://google-authenticator.googlecode.com/files/libpam-google-authenticator-1.0-source.tar.bz2
# tar xvf libpam-google-authenticator-1.0-source.tar.bz2
# cd libpam-google-authenticator-1.0-source.tar.bz2
# make install
...........
...........
cp pam_google_authenticator.so /lib64/security
cp google-authenticator /usr/local/bin
/lib64/security/pam_google_authenticator.so : PAM module to authenticate.
/usr/local/bin/google-authenticator : execute bin file to generate QR code.
To display the QR code in console terminal, we need to install the qrencode package :
To display the QR code in console terminal, we need to install the qrencode package :
# yum install qrencode
On the vpn server, create a new user (alice), and set password for her - for ex : 123456
# useradd alice
# passwd alice
Su to her : # su - alice
Execute google-authenticator under alice :
$ google-authenticator
The terminal will display the QR code for alice like this :
Answer y to the rest questions.Su to her : # su - alice
Execute google-authenticator under alice :
$ google-authenticator
The terminal will display the QR code for alice like this :
Take this screenshot and email to her.
Alice will need google-authenticator app ( https://itunes.apple.com/en/app/google-authenticator/id388497605?mt=8 ) to scan the QR code, then she will have one time password generated every minute like this :
No comments:
Post a Comment