totp-cgi icon indicating copy to clipboard operation
totp-cgi copied to clipboard

Published 20 hours ago verified publisher icon mricon

Metadata

A centralized totp solution based on google-authenticator

TOTPCGI

A centralized totp solution based on google-authenticator

.. image:: https://travis-ci.org/mricon/totp-cgi.svg?branch=master :target: https://travis-ci.org/mricon/totp-cgi :alt: Build Status

:Author: [email protected] :Copyright: Konstantin Ryabitsev and contributors :License: GPLv2+ :Version: 0.6.0

DECRIPTION

The idea of totpcgi (pronounced "Toopy-CGI") came when lamenting that google-authenticator implementation is "almost there" to be used as a generic org-wide 2-factor solution, but is annoyingly written to be a one-secret-per-service (or -per-host) solution. Thus, totpcgi was born, which uses files generated by google-authenticator and serves them from a central installation.

It is intended to be used with pam_url_.

.. _pam_url: https://fedorahosted.org/pam_url/

FEATURES

  1. Fully interoperable with Google-Authenticator
  2. Uses Google-Authenticator-generated secret files
  3. Supports pincodes (i.e. users log in with 'usercode555555')
  4. Supports file-based state backend for non-redundant installations and Postgresql for load-balanced setups.
  5. Supports encrypting the Google-Authenticator master secret with the user's pincode.
  6. Supports web-based provisioning to generate Google-Authenticator compatible files (or database entries).

REQUIREMENTS

  1. pyotp_
  2. google-authenticator_ to generate the .totp files by hand
  3. flup_ (for .fcgi only)
  4. psycopg2_ (for postgresql backend support)
  5. py-bcrypt_ (for pincode support using bcrypt)
  6. pycrypto_ and passlib_ (for encrypted-secret support)
  7. pam_url_ (for PAM support)
  8. python-qrcode_ (for provisioning support)
  9. MySQL-python_ (for MySQL backend support)

All of these dependencies are in EPEL for RHEL 6.

.. _pyotp: https://github.com/nathforge/pyotp .. _google-authenticator: https://code.google.com/p/google-authenticator/ .. _flup: http://trac.saddi.com/flup .. _psycopg2: http://initd.org/psycopg/ .. _py-bcrypt: https://code.google.com/p/py-bcrypt/ .. _pycrypto: https://www.dlitz.net/software/pycrypto/ .. _passlib: https://code.google.com/p/passlib/ .. _python-qrcode: https://github.com/lincolnloop/python-qrcode .. _MySQL-python: http://sourceforge.net/projects/mysql-python/

AUTHORS

SUPPORT

Please open an issue on GitHub: https://github.com/mricon/totp-cgi/issues

Metadata

127
Stars
30
Forks
Watchers

Owner

verified publisher icon mricon

Metadata

A centralized totp solution based on google-authenticator

Back