------------SSH-----------
# yum install pam-devel make gcc-c++ wget
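Download the source from https://google-authenticator.googlecode.com (Google Code has since been shut down; the PAM module is now maintained at https://github.com/google/google-authenticator-libpam).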
# tar -jxvf libpam-google-authenticator-1.0-source.tar.bz2
# cd libpam-google-authenticator-1.0
# make
# make install
# google-authenticator
Open the PAM configuration file '/etc/pam.d/sshd' and add the following line at the top.
auth       required     pam_google_authenticator.so

Open the file '/etc/ssh/sshd_config' and set:

ChallengeResponseAuthentication yes
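Restart sshd -> done. Keep an existing root session open and test a new login before closing it, so a PAM mistake cannot lock you out. Public-key logins do not go through the PAM auth stack, so they skip the OTP unless sshd is told to require both (AuthenticationMethods).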
----------------vsftpd use password as PIN+OTP--------------------
auth       required     pam_google_authenticator.so try_first_pass forward_pass
https://github.com/chregu/GoogleAuthenticator.php/blob/master/example.php

——————- sFTP ——————

Subsystem     sftp   internal-sftp
Match Group sftpgroup
    ChrootDirectory %h
    ForceCommand internal-sftp
    AllowTcpForwarding no
—–
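%h = HOME_DIR, owned by root:root with mode 755 (sshd rejects a ChrootDirectory that is writable by anyone but root), so the user gets a writable subdirectory instead: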
mkdir public_html, chown user:sftpgroup public_html
usermod -g sftpgroup user
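mkdir otp; chown user otp   (the PAM module rewrites the secret file as the login user, which it cannot do directly in the root-owned home)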
mv .google_au* otp
/etc/pam.d/sshd
auth required pam_google_authenticator.so \
try_first_pass forward_pass \
secret=${HOME}/otp/.google_authenticator

————— Apache ——————-

svn checkout http://google-authenticator-apache-module.googlecode.com/svn/trunk/ google-authenticator-apache-module-read-only
make; make install
Loadmodule authn_google_module modules/mod_authn_google.so
.htaccess
AuthType Basic
AuthName "BasicAuth with OTP"
AuthBasicProvider "google_authenticator"
Require valid-user
GoogleAuthUserPath /home/www/xxx/otp/site
GoogleAuthCookieLife 3600
GoogleAuthEntryWindow 4
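--file /home/www/xxx/otp/site/username-- (holds the OTP secret and the password in plaintext: keep this directory outside the DocumentRoot and readable only by the web server user)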
ZZZAAAOTPPINCODEAAAZZZ
"PASSWORD=mySecret
------
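Log in with the username and, as the password, mySecret followed by the current OTP (password = mySecret+OTP). Basic auth sends these credentials only base64-encoded, so serve the protected site over HTTPS.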
