From 765f84386b6e94984ff79db2eab36d51f759159b Mon Sep 17 00:00:00 2001 From: goodNETnick Date: Thu, 22 Sep 2022 02:03:04 -0400 Subject: system login: T874: add 2FA support for local and ssh authentication --- interface-definitions/system-login.xml.in | 76 +++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) (limited to 'interface-definitions') diff --git a/interface-definitions/system-login.xml.in b/interface-definitions/system-login.xml.in index 24eeee355..79c7c4791 100644 --- a/interface-definitions/system-login.xml.in +++ b/interface-definitions/system-login.xml.in @@ -8,6 +8,62 @@ 400 + + + Global authentication settings + + + + + 2FA OTP authentication parameters + + + + + Number of attempts. Limit logins to N per every M seconds + + u32:1-10 + Number of attempts. Limit logins to N per every M seconds + + + + + Number of login attempts must me between 1 and 10 + + 3 + + + + Time interval. Limit logins to N per every M seconds + + u32:15-600 + Time interval. Limit logins to N per every M seconds + + + + + Rate limit time interval must be between 15 and 600 seconds + + 30 + + + + Set window of concurrently valid codes + + u32:1-21 + Set window of concurrently valid codes + + + + + Window of concurrently valid codes must be between 1 and 21 + + 3 + + + + + Local user account information @@ -36,6 +92,26 @@ ! + + + 2FA OTP authentication parameters + + + + + Token Key Secret key for the token algorithm (see RFC 4226) + + txt + OTP key (base32 encoded secret) + + + [a-zA-Z2-7]{20,10000} + + Key must only include base32 characters and be at least 26 characters long + + + + Plaintext password used for encryption -- cgit v1.2.3