OTP feature for /bin/login

Tito farmatito at tiscali.it
Mon May 7 20:41:57 UTC 2012


On Monday 07 May 2012 21:30:56 Guylhem wrote:
> Hello
> 
> On Mon, May 7, 2012 at 4:13 PM, Sven-Göran Bergh
> <svengbergh-busybox at yahoo.com> wrote:
> > I think the idea of bringing OTP to busybox is really
> > great. It would certainly be useful in our projects.
> 
> I'm scratching my own itch there :-)
> 
> It will allow me to run telnetd again on my DSL modem and also use
> shellinabox from "not-so-friendly" computers.
> 
> > 2) Would it be possible to leave the 2:nd channel (delivery of the pin)
> > to a separate user supplied script? In that case it would be simple for
> > the admin to set up the delivery as desired by e.g. a simple shell script,
> > SMS, HTTP(S), netcat magic, SMTP, etc.? This would be a very simple,
> > and yet flexible and powerful approach.
> 
> It is an excellent idea to give flexibility.
> 
> It should be possible to define which application will be run to
> present the pin to the user - possibly in the same file where the
> shared secrets are stored, so that each user can have its own delivery
> (email for someone, web-sms gateway for someone else, etc.).
> 
> Example : /etc/otp
> $USER:$SHAREDSECRET:$DELIVERY

Hi,
as plaintext passwords are not widely used nowadays,
do you plan to store the shared secret encrypted?
 
> $DELIVERY would simply be the path to a script, with say $1 as the pin
> to deliver and $2 as the user to deliver it to, to offer flexibility.
> 
> The file would be optional (if delivery is not defined, simply display
> the pin within login by default) - along with a default shared secret,
> randomly generated at compile-time.
> 
> At the moment I'm working with Dragonfly DMA, to allow delivery by
> email (it's a very small SMTPD implementation that would be great in
> busybox). You may be interested in checking out DMA.

There is sendmail in busybox.
 
> Guylhem

Ciao,
Tito