Upload File

mac osx credential provider - rcdevs · 2021. 1. 11. · the openotp credential provider for mac...

  • Home
  • Documents
  • MAC OSX CREDENTIAL PROVIDER - RCDevs · 2021. 1. 11. · The OpenOTP Credential Provider for Mac OSX is a component that integrates the RCDevs OpenOTP one-time password authentication
12
The specifications and information in this document are subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. This document may not be copied or distributed by any means, in whole or in part, for any reason, without the express written permission of RCDevs. Copyright (c) 2010-2017 RCDevs SA. All rights reserved. http://www.rcdevs.com WebADM and OpenOTP are trademarks of RCDevs. All further trademarks are the property of their respective owners. Limited Warranty No guarantee is given for the correctness of the information contained in this document. Please send any comments or corrections to [email protected]. MAC OSX CREDENTIAL PROVIDER

Upload: others

Post on 16-Feb-2021

4 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • The specifications and information in this document are subject to change without notice. Companies, names, and data usedin examples herein are fictitious unless otherwise noted. This document may not be copied or distributed by any means, inwhole or in part, for any reason, without the express written permission of RCDevs.

    Copyright (c) 2010-2017 RCDevs SA. All rights reserved.http://www.rcdevs.com

    WebADM and OpenOTP are trademarks of RCDevs. All further trademarks are the property of their respective owners.

    Limited Warranty

    No guarantee is given for the correctness of the information contained in this document. Please send any comments orcorrections to [email protected].

    MAC OSX CREDENTIALPROVIDER

    http://www.rcdevs.com/mailto:[email protected]

  • This document is an installation guide for the OpenOTP Credential Provider for Mac OSX. Hence, the installation or configuration

    of WebADM, including token registration is not covered in this guide. For installation and usage guides to WebADM refer to the

    RCDevs WebADM Installation Guide and the RCDevs WebADM Administrator Guide available through the RCDevs online

    documentation Website.

    The OpenOTP Credential Provider for Mac OSX is a component that integrates the RCDevs OpenOTP one-time password

    authentication into the Mac OSX login process. RCDevs OpenOTP Authentication Server is a WebApp that is tightly coupled to the

    RCDevs WebADM application server.

    For this recipe, you will need to have WebADM/OpenOTP installed and configured. Please, refer to WebADM Installation Guide and

    WebADM Manual to do it.

    Administrative/elevated permissions are necessary on any Mac OS to correctly set up and/or change the OpenOTP Credential

    Provider’s configuration.

    To correctly setup the provider, please gather the following information. You will need to enter during the installation process:

    The URI(s)s of the OpenOTP web-service(s) (mandatory)

    These URIs are mandatory, the client needs to know where the OpenOTP SOAP network API can be reached. At least one URI

    is necessary.

    A custom login text or tile caption (optional)

    A text that is displayed on the Mac OS login pane.

    A client ID (optional)

    An ID to identify a particular client on the server-side.

    The WebADM certificate authority (CA) file (mandatory for offline login)

    SOAP timeout delay (optional)

    The Credential Provider’s setup and configuration are done in about 5 Minutes. The installer is the only utility that is needed to be

    set up and configures the provider. The provider can be automatically deployed to your clients.

    MAC OSX Credential ProviderMac OSX

    1. Product Documentation

    2. Product Overview

    3. Preliminary Information

    4. Installation and Configuration

    https://www.rcdevs.com/docs/tags/mac-osxhttps://www.rcdevs.com/docshttps://www.rcdevs.com/docs/howtos/webadm_install/webadm_install/https://www.rcdevs.com/docs/howtos/webadm_admin/webadm_adm_guide/

  • First, you have to download OpenOTP Credential Provider for Mac OS available on RCDevs Website.

    Extract files from the archive on your Mac and run the pkg file. The installer will start, on the first screen, click on the

    ContinueContinue button and then click InstallInstall . The installer will ask you to enter your credentials to continue the installation.

    Enter your credentials and click Install softwareInstall software .

    After that another window is prompted: Click NextNext and you are on the first configuration page. On this page, you have

    to configure the OpenOTP service URL(s)service URL(s) . The request timeoutrequest timeout is set to 30 seconds by default and we advise

    you to keep this default value. A client IDclient ID can be configured to match with a client policy on WebADM/OpenOTP server. To

    have more information on how to configure a client policy, have a look here. The UPN mode can be configured on ImplicitImplicit

    or ExplicitExplicit .

    You can click on NextNext .

    On the next screen, some advanced features can be configured. Every setting here is optional.

    Certificate Authority File, this setting attempts the CA certificate of your WebADM instance. The WebADM CA certificate can be

    downloaded at https://webadm_ip/cacerthttps://webadm_ip/cacert . Note that the WebADM CA is mandatory to use the

    Offline authentication modeOffline authentication mode .

    The next setting is HTTP Proxy. Configure your HTTP proxy and port if needed.

    Server Selection Policy setting allows you to set up how the failover will works. You have 3 options: OrderedOrdered , BalancedBalanced

    and ConsistentConsistent .

    Next setting is the Offline modeOffline mode . Offline mode allows users to login on the Machine, even if the WebADM/OpenOTP

    servers are not available. The offline mode requires a Push Login InfrastructurePush Login Infrastructure in place and OpenOTP

    Software Token Application on your mobile. Have a look here for more information about Push Login Infrastructure.

    The last settings allow you to configure a custom login text and a custom logo.

    Configuration is done, you can click on the DoneDone button and the installation is finished.

    After the installation, you can modify the configuration by editing this file:

    4.1 Local Installation

    Note

    Before logout to perform a login with an OTP, we advise you to start an SSH session and keep this session open until you perform

    a success login. If for any reason, OpenOTP Credential Provider for Mac OS is not able to contact the WebADM/OpenOTP server,

    you will not be able to log in on your Mac anymore. If it’s the case, with the SSH session previously opened, you will be able to

    execute the uninstall script provided with the installer package to remove the plugin from your Mac and log in again.

    4.2 Modifying the Configuration

    http://www.rcdevs.com/downloads/Integration+Plugins/file:///var/lib/jenkins/jobs/docsite_prod/workspace/public/howtos/client_policy/clientpolicy/file:///var/lib/jenkins/jobs/docsite_prod/workspace/public/howtos/openotp_push/push_login_openotp/

  • Witch looks like this:

    Now the CP is installed and configured then we will perform logins.

    In this scenario, WebADM and OpenOTP are configured to work in Push Login Mode. Please have a look here to know how to

    vi /Library/Security/SecurityAgentPlugins/OpenOTPAuthPlugin.bundle/Contents/Resources/config.plist

    ca_file /Users/Shared/ca.crt client_id MacOS login_text Hello OTP User ! logo_path offline_mode 0 policy 1 proxy_host proxy_port server_url_1 https://192.168.3.54:8443/openotp/ server_url_2 soap_timeout 30 upn_mode 0

    xml version= encoding=

    key string key string key string keystring key string key string keystring keystring key string keystring key string key string

    dictplist

    5. Online Authentication Logins

    5.1 Push Login

    https://www.rcdevs.com/docs/howtos/openotp_push/push_login_openotp/

  • configure a push login infrastructure.

    I’m now on the login screen of my Mac, I have to enter my username and password:

    I press enter and a push login request is sent to my mobile phone.

    I press the ApproveApprove button and I log in to my Mac.

    I’m now logged in to my Mac.

    5.1.1 Push Login Logs

  • I will now perform a login in Challenge mode. I’m on the login screen of my Mac and I have to enter my username and password:

    [2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] > Username: admin[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] > Domain: Default[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] > Client ID: MacOS[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] > Source IP: 192.168.3.237[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] > Options: -LDAP,OFFLINE[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Registered openotpSimpleLogin request[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Resolved LDAP user: CN=Admin,CN=Users,DC=yorcdevs,DC=com (cached)[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Started transaction lock for user[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found user fullname: Admin[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found 1 user mobiles: +33xxxxxxxx[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found 1 user emails: [email protected][2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found 40 user settings: LoginMode=LDAPMFA,ExpireNotify=MAIL,OTPType=TOKEN,OTPLength=6,ChallengeMode=Yes,ChallengeTimeout=90,MobileTimeout=30,PushLogin=Yes,EnableLogin=Yes,HOTPLookAheadWindow=25,TOTPTimeStep=30,TOTPTimeOffsetWindow=120,OCRASuite=OCRA-1:HOTP-SHA1-6:QN06-T1M,SMSType=Normal,SMSMode=Ondemand,MailMode=Ondemand,LastOTPTime=300,ListChallengeMode=ShowID

    [2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found 7 user data: LoginCount,RejectCount,TokenType,TokenKey,TokenState,TokenID,TokenSerial[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Found 1 registered OTP token (TOTP)[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] User has no U2F device registered[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Requested login factors: OTP[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Authentication challenge required[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Sent push notification for token #1[2018-08-14 10:07:48] [192.168.3.237] [OpenOTP:MW9OVN20] Waiting 28 seconds for mobile push response[2018-08-14 10:07:51] [192.168.3.56] [OpenOTP:LXAC4UUS] Received mobile request from 192.168.3.192 (authentication)[2018-08-14 10:07:51] [192.168.3.56] [OpenOTP:LXAC4UUS] > Session: zUSOZQflEVexDiZG[2018-08-14 10:07:51] [192.168.3.56] [OpenOTP:LXAC4UUS] > Encoded OTP Password: xxxxxx[2018-08-14 10:07:51] [192.168.3.56] [OpenOTP:MW9OVN20] Found mobile session started 2018-08-14 10:07:48[2018-08-14 10:07:51] [192.168.3.237] [OpenOTP:MW9OVN20] PUSH password Ok (token #1)[2018-08-14 10:07:51] [192.168.3.237] [OpenOTP:MW9OVN20] Updated user data[2018-08-14 10:07:51] [192.168.3.237] [OpenOTP:MW9OVN20] Sent success response

    5.2 Challenge Login

  • I press enter and OpenOTP send me a challenge request to enter my OTP code:

    I type in my OTP code and I log in to on my Mac.

    5.2.1 Challenge Login Logs

    [2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] New openotpSimpleLogin SOAP request[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] > Username: admin[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] > Domain: Default[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] > Client ID: MacOS[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] > Source IP: 192.168.3.237[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] > Options: -LDAP,OFFLINE[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Registered openotpSimpleLogin request[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Checking OpenOTP license for YOANN[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] License Ok (12/50 active users)[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Resolved LDAP user: CN=Admin,CN=Users,DC=yorcdevs,DC=com[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Started transaction lock for user[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found user fullname: Admin[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found 1 user mobiles: +33658506140[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found 1 user emails:[email protected][2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found 40 user settings: LoginMode=LDAPMFA,ExpireNotify=MAIL,OTPType=TOKEN,OTPLength=6,ChallengeMode=Yes,ChallengeTimeout=90,MobileTimeout=30,PushLogin=Yes,EnableLogin=Yes,HOTPLookAheadWindow=25,TOTPTimeStep=30,TOTPTimeOffsetWindow=120,OCRASuite=OCRA-1:HOTP-SHA1-6:QN06-T1M,SMSType=Normal,SMSMode=Ondemand,MailMode=Ondemand,LastOTPTime=300,ListChallengeMode=ShowID

    [2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found 6 user data: LoginCount,RejectCount,LastOTP,TokenType,TokenKey,TokenState[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Last OTP expired 2018-08-14 10:15:17[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Found 1 registered OTP token (TOTP)[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] User has no U2F device registered[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Requested login factors: OTP[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Authentication challenge required[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Updated user data[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Started OTP authentication session of ID FrEobYpzXosxrVVd valid for 90 seconds[2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Sent challenge response

  • An offline mode is available in our Mac OS Credentials Provider and I enabled this option during the configuration.

    When your laptop is offline, you are now able to log in with an OTP. So for this test, I stop WebADM services to simulate the offline

    mode. Like above, enter your LDAP Credentials on the first screen.

    OpenOTP Credential Provider for Mac OS is not able to contact OpenOTP server so, it will switch automatically to the offline

    mode. The offline mode will prompt you a QRCode.

    You have to scan this QRCode with the OpenOTP Token application. Open your OpenOTP Token application, press on the camera

    button and scan the QRCode.

    After scanning the QRCode, a window with an OTP is displayed on your smartphone like below:

    [2018-08-14 11:33:23] [192.168.3.237] [OpenOTP:NQR7W1V4] Sent challenge response[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] New openotpChallenge SOAP request[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] > Username: admin[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] > Domain: Default[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] > Session: FrEobYpzXosxrVVd[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] > OTP Password: xxxxxx[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] Registered openotpChallenge request[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] Found authentication session started 2018-08-14 11:33:23[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] Started transaction lock for user[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] TOTP password Ok (token #1)[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] Updated user data[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] No registered token supports offline mode[2018-08-14 11:33:35] [192.168.3.237] [OpenOTP:NQR7W1V4] Sent success response

    6. Offline Authentication

    Note

    Offline authentication is available for Windows and MacOS login and requires at least versions: WebADM 1.6, OpenOTP 1.3.6,

    OpenOTP Token 1.4.

    Prerequisites

    One online login is required to enable offline login mode! If you manage to directly login with an offline connection it will not work.

    You must have a working Push Login infrastructure to use the offline mode.

  • Enter your OTP and you are logged on.

    6.1 Offline Logs (Mac OS Logs)

    Admins-Mac: admin$ stream | grep OpenOTPlog

  • In case you are not able to log in on your Mac after the plugin installation, you can log in to the machine over SSH and run the

    uninstall script.

    2018-08-14 12:59:47.420300+0300 0x8b23 Default 0x8000000000008f3a 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:Deinit2018-08-14 12:59:50.053045+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTPAuthPlugin:OpenOTPLogin:runMechanism2018-08-14 12:59:50.060642+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) EndpointHelper:OpenOTPInit2018-08-14 12:59:50.060750+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:ReadConfiguration2018-08-14 12:59:50.060808+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:Init2018-08-14 12:59:50.060854+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:Default2018-08-14 12:59:50.060892+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:Default done2018-08-14 12:59:50.061045+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:ReadConfiguration done2018-08-14 12:59:50.061267+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTP: init ok2018-08-14 12:59:50.061313+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTP: init status ok2018-08-14 12:59:50.072328+0300 0x8b23 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTPAuthPlugin:loading view2018-08-14 12:59:50.076728+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) CallEndpoint called2018-08-14 12:59:50.108939+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTPAuth:General:OpenOTP Login2018-08-14 12:59:50.111770+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Unable to connect to any address. Failed to open a socket2018-08-14 12:59:50.111903+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) No response2018-08-14 12:59:50.112250+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) Searching for offline state for user: admin2018-08-14 12:59:50.112340+0300 0x8d79 Default 0x0 1890 SecurityAgent: (OpenOTPAuthPlugin) General:getOfflineState2018-08-14 13:00:23.509089+0300 0x8b23 Default 0x8000000000008fad 1890 SecurityAgent: (OpenOTPAuthPlugin) OpenOTP:OfflineLogin:Vertification succeed2018-08-14 13:00:23.509650+0300 0x8b23 Default 0x8000000000008fad 1890 SecurityAgent: (OpenOTPAuthPlugin) Configuration:Deinit

    7. Uninstallation

    7.1 SSH

  • Go on the OpenOTPAuthPlugin folder that you had previously extracted before the plugin installation:

    Execute the uninstall script to remove the OpenOTP plugin for MacOS:

    The plugin has been removed and now you are able to log in on your Mac without any OTP.

    For macOS High Sierra and Mojave:

    Turn on your Mac, then immediately press and hold Command-S. Now you can enter the following UNIX commands.

    ssh [email protected]:Last login: Tue Aug 16:40:57 Admins-Mac:~ admin$

    14 2018

    /Users/admin/Desktop/OpenOTPAuthPlugin.x.x/cd

    Admins-Mac:OpenOTPAuthPlugin.1.0 admin$ ls -ltotal -rw-r--r-- admin staff aoû 17:51 OpenOTPAuthPlugin-1.0.pkg-rw-r--r--@ admin staff jul 12:40 README.md-rwxr-xr-x@ admin staff aoû 13:02 uninstall

    122001 6234934 81 827 121 500 8

    Admins-Mac:OpenOTPAuthPlugin.1.0 admin$ ./uninstallPassword:YES 0YES 0Admins-Mac:OpenOTPAuthPlugin.1.0 admin$

    ( )( )

    7.2 Single-User Mode

    Note

    If you are not able to access your Mac through SSH then start your Mac in single-user mode.

  • The plugin has been removed and now you are able to log in on your Mac without any OTP.

    This manual was prepared with great care. However, RCDevs S.A. and the author cannot assume any legal or other liability for possible errors and their consequences. Noresponsibility is taken for the details contained in this manual. Subject to alternation without notice. RCDevs S.A. does not enter into any responsibility in this respect. The hardwareand software described in this manual is provided on the basis of a license agreement. This manual is protected by copyright law. RCDevs S.A. reserves all rights, especially fortranslation into foreign languages. No part of this manual may be reproduced in any way (photocopies, microfilm or other methods) or transformed into machine-readable languagewithout the prior written permission of RCDevs S.A. The latter especially applies for data processing systems. RCDevs S.A. also reserves all communication rights (lectures, radio andtelevision). The hardware and software names mentioned in this manual are most often the registered trademarks of the respective manufacturers and as such are subject to thestatutory regulations. Product and brand names are the property of RCDevs S.A. © 2021 RCDevs SA, All Rights Reserved

    ...*** Single-user boot ***Root device is mounted -only...

    localhost:/ rootlocalhost:/ rootMacintosh HD is the name of my Hard Drive on my Mac.localhost:tmp rootlocalhost:tmp rootRemove the line with OpenOTPAuthPlugin:OpenOTPLoginlocalhost:tmp root

    localhost:tmp rootlocalhost:tmp root

    localhost:tmp root

    localhost:tmp root

    read

    # mount -uw /# cd /Volumes/Macintosh\ HD/tmp

    # sudo security authorizationdb read system.login.console > tmp.plist# nano tmp.plist

    # sudo security authorizationdb write system.login.console < tmp.plist

    # rm tmp.plist# rm -rf /Volumes/Macintosh\

    HD/Library/Security/SecurityAgentPlugins/OpenOTPAuthPlugin.bundle# rm -f /Volumes/Macintosh\

    HD/var/db/securityagent/Library/Preferences/com.rcdevs.states.plist# exit

    MAC OSX Credential Provider Mac OSX1. Product Documentation2. Product Overview3. Preliminary Information4. Installation and Configuration4.1 Local Installation4.2 Modifying the Configuration

    5. Online Authentication Logins5.1 Push Login5.1.1 Push Login Logs

    5.2 Challenge Login5.2.1 Challenge Login Logs

    6. Offline Authentication6.1 Offline Logs (Mac OS Logs)

    7. Uninstallation7.1 SSH7.2 Single-User Mode


PFSENSE & OPENOTP - RCDevs & OpenOTP Radius How to enable OpenOTP authentication on pfSense This document explains how to enable OpenOTP authentication with Radius Bridge and pfSense

New osx institutional_port_setembro_final

OSX Brochure 2014

Radius Bridge - RCDEVS Online Documentation & HowTos · 2019. 9. 12. · Radius Bridge is not included in the OpenOTP installation package but in an additional in a self-installer

New osx institutional_inglês_august_final

CONFIGURE PUSH LOGIN WITH OPENOTP - RCDevs...CONFIGURE PUSH LOGIN WITH OPENOTP. This document describes how to set up Push Login infrastructure, using WebADM, OpenOTP Push Server and

Osx corporate presentation english_september

New osx institutional_inglês_september_final

ADFS & OPENOTP - RCDevs

Math8 Student OSX

PAM OPENOTP PLUGIN - RCDevs · When authenticating a user through PAM, a process will read /etc/pam.d/, where is the name of the service that the process implements. Each line in

Mac OSX Server

WINDOWS CREDENTIAL PROVIDER - rcdevs.com · OpenOTP Credential Provider will automatically download the CA certificate on the default WebADM server port when you set the OpenOTP service

WEBADM ADMINISTRATOR GUIDE - RCDevs

USER SELF- REGISTRATION - RCDevs · User Self-Registration (SelfReg) application is a web application provided by RCDevs installed on the WebADM server. This application allows users

Osx institutional eng_november

OPENOTP TOKEN MOBILE APPLICATION · Through the WebADM Admin GUI or Self-Services, you can enroll a Token by scanning a QRCode. When you have the QRCode on your screen, open the OpenOTP

Brochure OSX

Virtual Appliance - RCDEVS Online Documentation & HowTos · The RCDevs VMware Appliance is a standard and minimal CentOS 7 (64Bit) Linux installation with the RCDevs software packages

SWIFT ALLIANCE ACCESS AND OPENOTP - RCDevs · 2020-02-19 · Your client policy for Swift is now configured. You can test a login on AA with OpenOTP. If your Swift users already have

New osx institutional_port_agosto_final

Mac OSX Cheetsheet

Mac osx 64_rop_chains

Osx Data Recovery

Osx institutional ingls_june2011_v1

Hadoop on osx

Macs OSX & Libraries

OSX Technology Overview

Osx institutional inglês_august_final

osx sysconfig

YSFlight Mac OSX

11Unix OSX Commands

Osx institutional eng_november_final

Token Registration - RCDEVS Online Documentation & HowTos · OpenOTP Token is the recommended one to enjoy all features offered by OpenOTP server (like push login, phishing protection…)

Mac OSX Basics