Google authenticator with Openldap or Fedora 389 Server or FreeIPA
After a little googling I could see some references of configuring Google Authenticator with Windows Active Directory, however, I could not see how I could do it on Linux/CentOS system.
What would be involved in setting up Google Authenticator on Linux (CentOS) with OpenLDAP or 389 Directory Server?
Solution 1:
On most Unix systems you would use the Google Authenticator PAM module to add Google Authenticator capability to your system.
A the moment I believe this is entirely separate from any other authentication such as password files or LDAP centralized authentication -- adding LDAP capability to the PAM module (for centralized secrets) would definitely be a worthwhile programming project, and if you need that sort of centralization and are willing to do the coding to make it happen lots of people would probably appreciate the capability...
Solution 2:
TOTPCGI does exactly that -- a centralized infrastructure utilizing Google authenticator tokens. It's used on Fedora project systems.