HP-UX AAA Server A.07.01 Administrator's Guide
Table 16-2 Common OTP Authentication Actions (continued)
Bit Mask SetOTP-ActionId ValueAction
0010100040Validates only the password and stores the
generated OTP in the Otp-In-Attribute
attribute if the incoming request contains only
password.
0010000032Validates only the password when the incoming
request contains only the password. This action is
equivalent to the configuration for password
authentication. HP recommends using the default
configuration for better performance.
0001000016Validates the OTP if the incoming request contains
only the OTP.
000000011Returns the proxy event to proxy the request to
the configured proxy target server in the
proxy-egress.grp policy file. This is equivalent
to the default proxy configuration. HP
recommends using the default configuration for
better performance.
Attributes for Configuring OTP Authentication
Table 16-3 lists attributes that provide additional options for customizing your
configuration. These attributes can be configured on a user, realm, or a system-wide
level.
Table 16-3 Attributes for Configuring OTP Authentication
DescriptionConfiguration TypeAttribute Name
Specifies the size of the look ahead window.
This enables the HP-UX AAA Server
User, realm, or
system-wide level
Otp-Lookup-Window
recalculate the next OTP values and check
against the received OTP to synchronize the
sequence counter. If this attribute is not
specified, the value of system wide
configuration entry otp_lookup_window is
used as the default value.
Default Value 10
Value Type integer
Specifies an eight-byte counter value. The
HMAC algorithm requires this counter value
to generate an OTP.
This counter value must be synchronized
between the OTP generator and the HP-UX
User level configuration
only
HOtp-Seq-Counter
AAA Server. This attribute is mandatory for
each user.
Value Type unsigned char
172 OATH Standards-Based OTP Authentication