Re: Looking for Special Challenge-Response Auth PAM Module, or Similar

[Philipp Marek]

How about having a background job that just changes the root password regularly to a new random value, encrypts it with some gpg key, and presents the encrypted data as qr on a virtual console?

You just read it in via the notebook webcam, use your private key to decrypt it, and enter it - no PAM changes needed at all.


You can easily choose the length, validity period and complexity to whatever you want or require; and it won't repeat.