[Samba] 2 factor authentication with samba
gaiseric.vandal at gmail.com
Fri Jan 24 07:46:53 MST 2014
RSA Authentication Manager + Securid tokens might be an option. It is
a commercial product, not fee. I haven't used it with Windows
desktop authentication for a while. If a remember correctly, you
install the RSA agent for Windows on each PC, then when the user logins
in, he or she is prompted for user id, windows password and Secure ID
passcode. (Passcode is your PIN + the token code that changes every 30
- 60 seconds on your token.) Samba server itself is unaware of the RSA
The RSA agent for linux is a pam agent (or alternately, you can use
RADIUS to talk to RSA server) although getting Samba to work with pam
or other external authentication might require using passwords stored in
plain text or transmitted in the clear or something undesirable.
RSA will provide trials, including tokens.
On 01/22/14 05:18, Sven Schwedas wrote:
> On 2014-01-22 10:57, Christian wrote:
>> has anyone experience using 2 factor auth with samba?
>> I just search for a stable/production ready solution, preferred with otp
>> I have searched through the list archives but couldn't find anything
>> Google just gave me some links to Univention Corporate Server with LinOTP.
> We've been using UCS (albeit without LinOTP) for a few years, it's not
> too bad. You might want to ask their support for details.
>> Has anybody ever done such a setup with samba? And could give me any hints?
> No idea. If all you need are file shares, any generic PAM-based solution
> will work. Domain authentication needs explicit Samba support, however.
>> Best Regards,
More information about the samba