mod_otpmodule adds the ability to use one-time passwords when ProFTPD authenticates users. One-time password systems are defined by RFC 1938. The module can be used with Heimdal's OTP library, OPIE (One-time Password In Everything), and with the S/Key library.
This module is contained in the
mod_otp.c files for ProFTPD 1.2, and is not compiled by default.
Installation instructions are discussed here.
The most current version of
mod_otp can be found at:
Please contact TJ Saunders <tj at castaglia.org> with any questions, concerns, or suggestions regarding this module.
OTPEngine configuration directives controls whether
mod_otp is used by the server. If used,
will add a challenge when responding to a client's
The user can enter that challenge into an OTP calculator, and enter the
response as the password used for
PASS. If the given
OTP response is incorrect, the daemon will fall back to whichever other
authentication modules are used; an incorrect response will not automatically
prevent a user from logging in.
<IfModule mod_otp.c> OTPEngine on </IfModule>
mod_otp, follow these instructions. After unpacking the tarball, run the
cd mod_otp ./configureTo configure
mod_otpfor use with Heimdal's OTP library:
./configure --with-heimdal-otpThis is the default. To prepare the module for using OPIE:
./configure --with-opieOr, to use S/Key with
./configure --with-skeyNote that on FreeBSD and OpenBSD, S/Key is standard, and requires no additional libraries to be installed. The
configurechecks your system for necessary information and writes a proper
mod_otp.h. Now, copy the
mod_otp.hfiles into the
cp mod_otp.h proftpd-dir/contrib/ cp mod_otp.c proftpd-dir/contrib/after unpacking the latest proftpd-1.2 source code. Follow the usual steps for using third-party modules in proftpd:
./configure --with-modules=mod_otp make make installYou may need to use the
--with-librariesoptions when configuring proftpd to indicate the directories for the chosen OTP implementation's header and library files.