HP-UX AAA Server A.07.01 Administrator's Guide
Use the following information to understand how to configure the HP-UX AAA Server
and the attributes you can use to customize actions on varying levels.
• “Advanced OTP Authentication Configuration Concepts” (page 169)
— “Attributes for Configuring OTP Authentication” (page 172)
◦ “System-Wide OTP Configuration Items” (page 174)
◦ “Realm Level OTP Attributes” (page 175)
◦ “User Level OTP Attributes” (page 176)
Advanced OTP Authentication Configuration Concepts
The HP-UX AAA Server processes all OTP authentication requests depending on the
bit mask set in the OTP-ActionId attribute in the request-ingress.grp file.
You can configure the HP-UX AAA Server to perform various OTP authentication
tasks by setting the bit masks in the OTP-ActionId attribute and by configuring other
configuration files. For more information on the OTP-ActionId attribute, see
“Attributes for Configuring OTP Authentication” (page 172). Table 16-1 lists the bit
masks that can be used to configure the HP-UX AAA Server to perform various tasks.
Table 16-1 Bit Masks to Configure OTP Authentication Tasks
ActionBit MaskTask
On receiving the incoming request, the HP-UX AAA
Server splits the request into password and OTP based
7Splits the incoming password in
to password and OTP.
on the number of digits specified in OTP token length
as follows:
If the number of digits specified in the OTP token
length is 7, the last 7 characters are identified as OTP.
The HP-UX AAA Server validates the password from
the User-Password attribute.
6Validates the password.
The HP-UX AAA Server validates the incoming OTP.5Validates the OTP.
The HP-UX AAA server generates and stores the OTP
in the Generated-OTP attribute.
4Stores the generated OTP in
Generated-OTP attribute.
The HP-UX AAA Server removes the password from
the incoming password and replaces the
3Removes the password
User-Password attribute with OTP. This bit mask must
be used if the User-Password attribute contains the
password and OTP.
Configuring OTP Authentication on the HP-UX AAA Server 169