TOTPCGI ======= --------------------------------------------------------- A centralized totp solution based on google-authenticator --------------------------------------------------------- :Author: mricon@kernel.org :Date: 2012-12-03 :Copyright: Konstantin Ryabitsev and contributors :License: GPLv2+ :Version: 0.5.4 DECRIPTION ---------- The idea of totpcgi (pronounced "Toopy-CGI") came when lamenting that google-authenticator implementation is "almost there" to be used as a generic org-wide 2-factor solution, but is annoyingly written to be a one-secret-per-service (or -per-host) solution. Thus, totpcgi was born, which uses files generated by google-authenticator and serves them from a central installation. It is intended to be used with pam_url_. .. _pam_url: https://fedorahosted.org/pam_url/ FEATURES -------- 1. Fully interoperable with Google-Authenticator 2. Uses Google-Authenticator-generated secret files 3. Supports pincodes (i.e. users log in with 'usercode555555') 4. Supports file-based state backend for non-redundant installations and Postgresql for load-balanced setups. 5. Supports encrypting the Google-Authenticator master secret with the user's pincode. 6. Supports web-based provisioning to generate Google-Authenticator compatible files (or database entries). REQUIREMENTS ------------ 1. pyotp_ 2. google-authenticator_ to generate the .totp files by hand 3. flup_ (for .fcgi only) 4. psycopg2_ (for postgresql backend support) 5. py-bcrypt_ (for pincode support using bcrypt) 6. pycrypto_ and passlib_ (for encrypted-secret support) 7. pam_url_ (for PAM support) 8. python-qrcode_ (for provisioning support) All of these dependencies are in EPEL for RHEL 6. .. _pyotp: https://github.com/nathforge/pyotp .. _google-authenticator: https://code.google.com/p/google-authenticator/ .. _flup: http://trac.saddi.com/flup .. _psycopg2: http://initd.org/psycopg/ .. _py-bcrypt: https://code.google.com/p/py-bcrypt/ .. _pycrypto: https://www.dlitz.net/software/pycrypto/ .. _passlib: https://code.google.com/p/passlib/ .. _python-qrcode: https://github.com/lincolnloop/python-qrcode AUTHORS ------- * Konstantin Ryabitsev <mricon@kernel.org> * Andrew Grimberg <agrimberg@linuxfoundation.org> SUPPORT ------- Please open an issue on GitHub: https://github.com/mricon/totp-cgi/issues