------------SSH-----------
# yum install pam-devel make gcc-c++ wget
https://google-authenticator.googlecode.com# tar -jxvf libpam-google-authenticator-1.0-source.tar.bz2# cd libpam-google-authenticator-1.0 # make # make install # google-authenticatorOpen the PAM configuration file ‘/etc/pam.d/sshd‘ and add the to the top .auth required pam_google_authenticator.soOpen file ‘/etc/ssh/sshd_config‘
ChallengeResponseAuthentication yesrestart sshd-> done----------------vsftpd use password as PIN+OTP--------------------auth required pam_google_authenticator.so try_first_pass forward_passhttps://github.com/chregu/GoogleAuthenticator.php/blob/master/example.php——————- sFTP ——————
Subsystem sftp internal-sftp Match Group sftpgroup ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no—–%h = HOME_DIR 755 root:root,mkdir public_html, chown user:sftpgroup public_htmlusermod -g sftpgroup usermkdir otp; chown usermv .google_au* otp/etc/pam.d/sshdauth required pam_google_authenticator.so \try_first_pass forward_pass \secret=${HOME}/otp/.google_authenticator————— Apache ——————-
svn checkout http://google-authenticator-apache-module.googlecode.com/svn/trunk/ google-authenticator-apache-module-read-only
make; make install
Loadmodule authn_google_module modules/mod_authn_google.so.htaccessAuthType Basic AuthName "BasicAuth with OTP"AuthBasicProvider "google_authenticator" Require valid-user GoogleAuthUserPath /home/www/xxx/otp/site GoogleAuthCookieLife 3600 GoogleAuthEntryWindow 4--file /home/www/xxx/otp/site/username--ZZZAAAOTPPINCODEAAAZZZ"PASSWORD=mySecret------auth with username, password = mySecret+OTP