google authenticator pam library

We have hosted the application google authenticator pam library in order to run this application in our online workstations with Wine or directly.

Quick description about google authenticator pam library:

google-authenticator-libpam is a Pluggable Authentication Module (PAM) that adds one-time passcodes to Unix and Linux logins using open OATH standards. It plugs into PAM stacks for services like SSH, su, or desktop display managers, prompting users for a time-based (TOTP) or counter-based (HOTP) code after their password. A lightweight enrollment program bootstraps each account by generating a secret, printing a QR code, and writing per-user configuration with safe file permissions. Because verification happens locally, codes work offline and do not depend on any Google service, which suits high-security and air-gapped environments. Administrators can tune skew tolerance, rate limiting, emergency scratch codes, and which PAM control flags enforce 2FA for specific users or groups. The project’s design favors simplicity and auditability, keeping the runtime small and the configuration explicit so it’s easy to review in production change control.

Features:

• PAM module for TOTP and HOTP second factors
• Per-user bootstrap with QR code enrollment and secret storage
• Offline verification with configurable clock skew windows
• Emergency scratch codes and rate-limit defenses
• Fine-grained PAM policy control per service or user
• Minimal dependencies and small attack surface

Programming Language: C.
Categories: