This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
аутентификация_с_использованием_opie [2011/11/30 10:52] 127.0.0.1 external edit |
аутентификация_с_использованием_opie [2022/11/14 08:19] (current) val [Ubuntu] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| ==== Установка ==== | ==== Установка ==== | ||
| - | === Ubuntu === | + | === Ubuntu 10.04 === |
| <code> | <code> | ||
| root@gate:~# apt-get install opie-server | root@gate:~# apt-get install opie-server | ||
| </code> | </code> | ||
| + | |||
| + | === Ubuntu/Debian поздних версий === | ||
| + | |||
| + | * !!! Отсутствует !!! | ||
| + | |||
| + | === FreeBSD === | ||
| + | |||
| + | * Входит в состав базового ПО | ||
| + | |||
| ==== Инициализация opie для пользователя ==== | ==== Инициализация opie для пользователя ==== | ||
| <code> | <code> | ||
| - | gate# su user1 | + | user1$ opiepasswd -c -f |
| - | $ opiepasswd -c -f | + | |
| ... | ... | ||
| Enter new secret pass phrase: opassword1 | Enter new secret pass phrase: opassword1 | ||
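Review bot: The `user1$ opiepasswd -c -f` line combines console mode with the force flag, so the secret pass phrase is typed straight into whatever session the user has open, and `-f` overrides opiepasswd's refusal to do that on a terminal it considers insecure; say next to the command that it belongs on the local console or inside an encrypted session. The new "Ubuntu/Debian поздних версий" (later Ubuntu/Debian releases) entry only says the package is absent; pointing it at the OTPW section added further down in this revision would give readers on those releases a way forward.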
| Line 22: | Line 30: | ||
| <code> | <code> | ||
| gate# cat /etc/opiekeys | gate# cat /etc/opiekeys | ||
| + | </code><code> | ||
| user1 0497 g23394 81a663d5347407bb Oct 19,2006 09:48:53 | user1 0497 g23394 81a663d5347407bb Oct 19,2006 09:48:53 | ||
| </code> | </code> | ||
| - | |||
| ===== pam opie для сервиса sshd ===== | ===== pam opie для сервиса sshd ===== | ||
| ==== FreeBSD ==== | ==== FreeBSD ==== | ||
| - | Не требуется настройки | + | |
| <code> | <code> | ||
| [gate:~] # grep opie /etc/pam.d/sshd | [gate:~] # grep opie /etc/pam.d/sshd | ||
| + | </code><code> | ||
| auth sufficient pam_opie.so no_warn no_fake_prompts | auth sufficient pam_opie.so no_warn no_fake_prompts | ||
| auth requisite pam_opieaccess.so no_warn allow_local | auth requisite pam_opieaccess.so no_warn allow_local | ||
| + | </code><code> | ||
| [gate:~] # cat /etc/ssh/sshd_config | [gate:~] # cat /etc/ssh/sshd_config | ||
| + | </code><code> | ||
| ... | ... | ||
| - | #ChallengeResponseAuthentication yes | + | ChallengeResponseAuthentication yes |
| ... | ... | ||
| </code> | </code> | ||
| - | + | * Из каких сетей можно подключаться UNIX паролем | |
| - | ==== Ubuntu ==== | + | |
| <code> | <code> | ||
| - | root@gate:~# cat /etc/ssh/sshd_config | + | [gate:~] # cat /etc/opieaccess |
| + | </code><code> | ||
| + | ... | ||
| + | permit 192.168.0.0 255.255.0.0 | ||
| + | ... | ||
| + | </code> | ||
| + | ==== Ubuntu 10.04 ==== | ||
| + | <code> | ||
| + | root@gate:~# cat /etc/ssh/sshd_config | ||
| + | </code><code> | ||
| ... | ... | ||
| ChallengeResponseAuthentication yes | ChallengeResponseAuthentication yes | ||
| ... | ... | ||
| - | + | </code><code> | |
| - | root@gate:~# cat /etc/pam.d/sshd | + | root@gate:~# cat /etc/pam.d/sshd |
| + | </code><code> | ||
| ... | ... | ||
| auth sufficient pam_opie.so | auth sufficient pam_opie.so | ||
| # Standard Un*x authentication. | # Standard Un*x authentication. | ||
| ... | ... | ||
| - | + | </code><code> | |
| - | root@gate:~# /etc/init.d/ssh restart | + | root@gate:~# restart ssh |
| </code> | </code> | ||
| - | ===== Клиент OPIE (unix) ===== | + | ===== Клиент OPIE ===== |
| - | ==== Генерация одного пароля ==== | + | |
| + | ==== Unix ==== | ||
| + | |||
| + | === Генерация одного пароля === | ||
| <code> | <code> | ||
| - | $ opiekey 498 g23394 | + | $ opiekey -f 498 g23394 |
| ... | ... | ||
| Enter secret pass phrase: opiepasswd | Enter secret pass phrase: opiepasswd | ||
| PER AND BURT SEE DIVE GILD | PER AND BURT SEE DIVE GILD | ||
| </code> | </code> | ||
| - | ==== Генерация нескольких паролей ==== | + | |
| + | === Генерация нескольких паролей === | ||
| <code> | <code> | ||
| - | $ opiekey -n 6 497 g23394 | + | $ opiekey -f -n 6 497 g23394 |
| ... | ... | ||
| Enter secret pass phrase: opiepasswd | Enter secret pass phrase: opiepasswd | ||
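Review bot: In the Ubuntu 10.04 `/etc/pam.d/sshd` listing, `auth sufficient pam_opie.so` is followed directly by the standard Un*x authentication block, with no counterpart to the `requisite pam_opieaccess.so` line shown for FreeBSD, so as far as these lines show the reusable UNIX password is still accepted from any network; state that limitation or show how to restrict it. In the FreeBSD part, `permit 192.168.0.0 255.255.0.0` opens UNIX-password login to a whole /16, which is worth narrowing to the networks that actually need it. The `opiekey` examples also enter `opiepasswd` as the pass phrase while the initialization step set `opassword1`, so the two should be made consistent.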
| Line 75: | Line 98: | ||
| </code> | </code> | ||
| - | ===== Клиент OPIE (java) ===== | + | ==== Мобильные клиенты ==== |
| - | [[http://sourceforge.net/projects/otp-j2me/]] | + | |
| + | * [[http://sourceforge.net/projects/otp-j2me/|otp-j2me для телефонов]] | ||
| + | * [[https://play.google.com/store/apps/details?id=de.ub0r.android.otpdroid|OTPdroid]] | ||
| - | ===== Верните настройки в исходное состояние ===== | + | ===== Сервис OTPW ===== |
| + | |||
| + | * [[http://rus-linux.net/MyLDP/sec/SSH-login-with-one-time-passwords.html|Как в Linux получить доступ через SSH с помощью одноразовых паролей]] | ||
| + | * [[https://www.digitalocean.com/community/tutorials/install-and-use-otpw|How To Install and Use OTPW for Single-Use SSH Passwords on Ubuntu 14.04]] | ||
| + | |||
| + | <code> | ||
| + | gate# cat /etc/pam.d/sshd | ||
| + | </code><code> | ||
| + | ... | ||
| + | auth sufficient pam_otpw.so | ||
| + | session optional pam_otpw.so | ||
| + | # Standard Un*x authentication. | ||
| + | @include common-auth | ||
| + | ... | ||
| + | </code><code> | ||
| + | gate# cat /etc/ssh/sshd_config | ||
| + | </code><code> | ||
| + | ... | ||
| + | ChallengeResponseAuthentication yes | ||
| + | ... | ||
| + | </code><code> | ||
| + | student@gate:~$ otpw-gen > nothingtosee.txt | ||
| + | |||
| + | ... | ||
| + | |||
| + | student@gate:~$ rm -r .otpw* | ||
| + | </code> | ||
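Review bot: The cleanup line `rm -r .otpw*` at the end of the OTPW listing leaves `nothingtosee.txt` in place, and that file holds the password list written by `otpw-gen`; add its removal to the cleanup and note that the list should not stay on the server it protects. In the `/etc/pam.d/sshd` listing, `auth sufficient pam_otpw.so` sits above `@include common-auth`, so the regular password remains a valid alternative, which the text should state. This revision also replaces the "Верните настройки в исходное состояние" (restore the settings to their original state) heading instead of moving it after the new section.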