2-factor Authentication with OpenLDAP, OATH-HOTP and Yubikey
In this lightning talk I present an approach for using an LDAP server directly as OATH-HOTP backend using Yubikey as 2nd factor for a simple bind request.
A current implementation uses OpenLDAP’s back-sock used as overlay to intercept the bind requests and pass them to an external process which does the OTP validation.
Challenges in a two-tier replication setup up are briefly discussed.
2-FACTOR AUTHENTICATION WITH OPENLDAP, OATH-HOTP AND YUBIKEY – slides