1. Background OpenOTP Token is a mobile authentication solution available on iPhone and Android systems which provides secure access for websites, VPNs, Citrix, Cloud Apps, Windows, Linux, SAML, OpenID, Wifi and much more. With OpenOTP Authentication Server, it provides the most advanced user authentication system supporting simple registration with QRCode scan, Software Token based on OATH standards and Approve/Deny login with push notifications. 2. How To Install OpenOTP Token 2.
Documents in Authentication Token
SSH Authentication with a Feitian ePass NFC/FIDO/U2F Security Key Feitian ePass NFC FIDO U2F Security Key can work as a Generic Identity Device Specification (GIDS) smart card. There also are many other manufacturers and card models to which these instructions can be applied, but the specific tools to initialize the card can be different. In this how-to we will prepare a USB/NFC hardware key for SSH authentication and register the device in WebADM.
How To use Feitian c100/c200 Tokens with OpenOTP OpenOTP supports Feitian c100 & c200 Token series. Feitian c100 are OATH-HOTP (event-based) and c200 are OATH-TOTP (time-based). The Tokens are provided with a PSKC import file by Feitian. The file includes the Token secret key in an encrypted or cleartext format. If it is encrypted, the PSKC decryption key should have been provided to you by Feitian. To register a Token with a PSKC file, edit a user account in WebADM and go to the OTP Server Actions.
How To use Vasco Digipass GO6 Tokens with OpenOTP OpenOTP supports Vasco Digipass GO6 Hardware Tokens. Digipass GO6 works with OATH-HOTP (event-based) and OATH-TOTP (time-based). The Digipass GO6 is provided with a PSKC import file by Vasco. The file includes the Token secret key in an encrypted format. The decryption PSKC key is provided by Vasco in a separated document. To register a Vasco GO6 Token: 1) Import the PSKC file either with the import tool in /opt/webadm/websrvs/openotp/bin/pkcs.
Authentication with a Yubikey Smart Card / PIV In this How-To we will configure a user in WebADM for using a PIV key. We need a WebADM server already configured. 1. Import the Inventory We need to create a inventory file like this: "Type","Reference","Description","DN","Data","Status" "PIV Device","<ID1>","PIV Yubikey","","PublicKey=<pub_key1>","Valid" "PIV Device","<ID2>","PIV Yubikey","","PublicKey=<pub_key2>","Valid" "PIV Device","<ID3>","PIV Yubikey","","PublicKey=<pub_key3>","Valid" For my test, I have a Yubikey Nano with a PIV certificate and I use yubico-piv-tool for the management of the Yubikey, but it can works with other PIV keys.