OTP Authentication

1.20.6. OTP Authentication#

If OTP authentication fails for a user you might check the following:

  • Verify that the tokens for this user are not locked.

  • Verify that the fail counters of the tokens of the user have not reached the max fail count.

  • Try to authenticate via the LinOTP Web API. This will give you a better idea of the error and rule out error source like the RADIUS server or the PAM module. For doing this use a web browser and go to the URL:

    https://<yourlinotpserver>/validate/check?user=<login>&pass=<OTPPINOTPvalue>.

  • The return will be a JSON structure. Either download it and view it with your preferred text viewer or get the JSONViewer Plugin for your browser.

  • Take a look at the log file on the LinOTP server. Probably it is the file: /var/log/linotp/linotp.log.

  • Take a look at the RADIUS server log file.