Skip to content

ay-b/linux_onetime_password

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

Linux user one time password script

This is a script for having one-time passwords to connect to the servers from the places you're not sure are safe. Or in case you are away from the computer with the ssh-keys that server knows.
By default script uses user "looper" — change it to your desired username.
By default it uses simple function to generate a somewhat random number, combine it with the current system time and hash it twice then to get as most random sequence as possible without any dependencies.
You're free to code any function you prefer to get any random character sequence.
The resulting hash is the password.
Your secret is the username used to login.
Script gives you 10 seconds to enter the revealed password, then resets it again.

Second variant to generate one-time password and don't expose it in plain text:

	PW=$((RANDOM % 1234567890 * $((RANDOM % 1234567890))))
	echo "looper:$PW" | chpasswd
	echo $(($PW * 123)) | sed ':a;s/\B[0-9]\{3\}\>/ &/;ta' > /tmp/pw

Note the '123' multiplier — this is a "second secret" which you have to use to get real password. So you have to divide the exposed number by 123 to know the one-time password (keep in mind 20 seconds countdown to next reset)

You can enchance security even more, by placing the script to another server thus it will change the password over ssh-connection Change the line 28 to: ssh [email protected] "echo "looper:$PW" | chpasswd" Just don't forget to add key from originating server to the host and use correct user.

How to use: Place this script to any accessible path, e.g. /usr/share/bin chmod +x on it Add script with the full path to the /etc/rc.local to launch it at every boot.

Have fun.

About

Linux one-time password generator script

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages