--On Thursday, February 1, 2024 10:55 AM +0100 Bastian Tweddell
<[email protected]> wrote:
Our setup is to use TOTP as 2FA for ssh logins against the centralized
LDAP infrstructure. The ssh-login 1FA is ssh pubkey (also in LDAP) and
2FA is TOTP. To achieve this we use a PAM module which does an ldapbind
against the user-DN which has the userPassword schema '{TOTP1}'.
Maybe I wrong or outdated here and slapo-opt also supports TOTP-only
authentication now?
Ok, makes sense. Yeah, OTP does not support that scenario at this time.
--Quanah
