Updated on 2024-09-24 GMT+08:00

Configuring OTP Token Login Authentication

An OTP token is a security hardware device that generates one-time passwords. You can use event-based OTP tokens. In OTP token authentication method, both your static login password and a 6-digit one-time password generated by your hardware are required for login.

Constraints

  • Currently, bastion hosts support only Jansh ETZ201/ETZ203 OTP tokens.
  • A hardware OTP token can be issued only to one user.

Prerequisites

You have obtained a hardware token.

Step 1: Configure OTP Token Authentication

  1. Log in to your bastion host as the administrator.
  2. Choose User > User to go to the User management page.
  3. Select a user and click its LoginName.
  4. In the User Setting area, click Edit.

    Figure 1 Editing user setting

  5. In the displayed Edit user setting dialog box, select OTP token for Multifactor Verification.
  6. Click OK.

Step 2: Issue an OTP Token

  1. Log in to your bastion host as the administrator.
  2. Choose User > OTP token in the navigation pane.
  3. Click Issue to issue an OTP token.

    Figure 2 Issuing an OTP token

  4. Enter the required token information.

    Figure 3 Issue Token ID
    Table 1 Parameters for issuing an OTP token

    Parameter

    Description

    Token ID

    Specifies the OTP token ID.

    Key

    Specifies the key uniquely corresponding to the OTP token. It is provided by the OTP token vendor.

    Relate User

    User who the OTP token is related to.

  5. Click OK. You can view the newly issued OTP token in the OTP token list.

    In the OTP token authentication method, the login page requires the login name, static password, and the dynamic OTP issued by your hardware token.