How to set otp one time password

weihao.chen at artisantechnologies.cn
Sat Jan 7 05:44:44 UTC 2023


Dear Everybody:
        May I ask how to configure dovecot otp one-time verification login, that is, after the user logs in to the mailbox with the password + otp, he can send and receive emails without entering the password + otp again?

# This is my settings:
# /etc/dovecot/conf.d/10-auth.conf
disable_plaintext_auth = yes
auth_cache_size = 10M
auth_failure_delay = 5 secs
auth_ssl_username_from_cert = yes
auth_mechanisms = otp
!include auth-ldap.conf.ext

error logs:
-------------------------------
6952-Jan 06 18:03:01 master: Info: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp (core dumps disabled)
6953-Jan 06 18:03:02 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6954-Jan 06 18:03:02 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6955:Jan 06 18:03:02 auth: Fatal: OTP mechanism can't be supported with given passdbs
6956-Jan 06 18:03:02 master: Error: service(auth): command startup failed, throttling for 2.000 secs
6957-Jan 06 18:03:02 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS handshaking, session=<OiDkhZXx7fasHhQz>
6958-Jan 06 18:03:07 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6959-Jan 06 18:03:07 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6960:Jan 06 18:03:07 auth: Fatal: OTP mechanism can't be supported with given passdbs
6961-Jan 06 18:03:07 master: Error: service(auth): command startup failed, throttling for 4.000 secs
6962-Jan 06 18:03:07 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS handshaking, session=<qgIyhpXx8PasHhQz>
6963-Jan 06 18:03:11 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6964-Jan 06 18:03:11 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6965:Jan 06 18:03:11 auth: Fatal: OTP mechanism can't be supported with given passdbs
6966-Jan 06 18:03:11 master: Error: service(auth): command startup failed, throttling for 8.000 secs
6967-Jan 06 18:03:11 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 3 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS, session=<gDdvhpXx8/asHhQz>
6968-Jan 06 18:03:19 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6969-Jan 06 18:03:19 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6970:Jan 06 18:03:19 auth: Fatal: OTP mechanism can't be supported with given passdbs
6971-Jan 06 18:03:19 master: Error: service(auth): command startup failed, throttling for 16.000 secs
6972-Jan 06 18:03:19 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 8 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS, session=<qp7phpXx9PasHhQz>
6973-Jan 06 18:03:29 imap-login: Info: Disconnected: Connection closed (disconnected before auth was ready, waited 5 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS, session=<N1qAh5Xx/PasHhQz>
6974-Jan 06 18:03:35 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6975-Jan 06 18:03:35 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6976:Jan 06 18:03:35 auth: Fatal: OTP mechanism can't be supported with given passdbs
6977-Jan 06 18:03:35 master: Error: service(auth): command startup failed, throttling for 32.000 secs
6978-Jan 06 18:04:01 master: Warning: Killed with signal 15 (by pid=2692494 uid=0 code=kill)
6979-Jan 06 18:04:02 master: Info: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp (core dumps disabled)
6980-Jan 06 18:04:09 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6981-Jan 06 18:04:09 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6982:Jan 06 18:04:09 auth: Fatal: OTP mechanism can't be supported with given passdbs
6983-Jan 06 18:04:09 master: Error: service(auth): command startup failed, throttling for 2.000 secs
6984-Jan 06 18:04:09 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=172.30.20.51, lip=172.16.5.111, TLS handshaking, session=<8VrsiZXxFfesHhQz>
6985-Jan 06 18:04:56 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6986-Jan 06 18:04:56 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6987:Jan 06 18:04:56 auth: Fatal: OTP mechanism can't be supported with given passdbs
6988-Jan 06 18:04:56 master: Error: service(auth): command startup failed, throttling for 4.000 secs
6989-Jan 06 18:05:57 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6990-Jan 06 18:05:57 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6991:Jan 06 18:05:57 auth: Fatal: OTP mechanism can't be supported with given passdbs
6992-Jan 06 18:05:57 master: Error: service(auth): command startup failed, throttling for 8.000 secs
6993-Jan 06 18:06:26 master: Warning: Killed with signal 15 (by pid=2692680 uid=0 code=kill)
6994-Jan 06 18:06:27 log(2692602): Warning: Killed with signal 15 (by pid=1 uid=0 code=kill)
6995-Jan 06 18:06:27 master: Info: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp (core dumps disabled)
6996-Jan 06 18:06:47 auth: Debug: Loading modules from directory: /usr/lib/dovecot/auth
6997-Jan 06 18:06:47 auth: Debug: Module loaded: /usr/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
6998-Jan 06 18:06:47 auth: Debug: Read auth token secret from /var/run/dovecot//auth-token-secret.dat
6999-Jan 06 18:06:47 auth: Error: ldap_bind
7000-Jan 06 18:06:47 auth: Error: ldap_simple_bind
7001-Jan 06 18:06:47 auth: Error: ldap_sasl_bind
-------------------------------

If the option is:
auth_mechanisms = plain login
I can send and receive emails successfully, but when the OTP time expires, you need to re-enter the password + OTP, which is unacceptable to the user.


Looking forward to your reply. Thanks

-- nick(Weihao)



weihao.chen at artisantechnologies.cn
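
A triage sketch for the log pattern in the message above, as an added example that is not part of the original post or of Dovecot: it parses lines in the same grep-context format and reports whether the auth service is stuck in a startup crash loop and which Fatal message caused it. The sample log is constructed (documentation IP addresses, made-up session ids), and `triage` is a hypothetical helper name.

```python
import re
from collections import Counter

# Constructed sample in the grep-context format of the post (line number,
# then '-' or ':'); IP addresses and session ids are made up.
SAMPLE = """\
1-Jan 06 18:03:01 master: Info: Dovecot v2.3.19.1 (9b53102964) starting up for imap, lmtp (core dumps disabled)
2:Jan 06 18:03:02 auth: Fatal: OTP mechanism can't be supported with given passdbs
3-Jan 06 18:03:02 master: Error: service(auth): command startup failed, throttling for 2.000 secs
4-Jan 06 18:03:02 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 0 secs): user=<>, rip=192.0.2.10, lip=198.51.100.5, TLS handshaking, session=<constructed-1>
5:Jan 06 18:03:07 auth: Fatal: OTP mechanism can't be supported with given passdbs
6-Jan 06 18:03:07 master: Error: service(auth): command startup failed, throttling for 4.000 secs
7:Jan 06 18:03:11 auth: Fatal: OTP mechanism can't be supported with given passdbs
8-Jan 06 18:03:11 master: Error: service(auth): command startup failed, throttling for 8.000 secs
9-Jan 06 18:03:11 imap-login: Info: Disconnected: Auth process broken (disconnected before auth was ready, waited 3 secs): user=<>, rip=192.0.2.10, lip=198.51.100.5, TLS, session=<constructed-2>
"""

LINE = re.compile(r"^(?:\d+[-:])?\w{3} \d{2} [\d:]{8} "
                  r"(?P<proc>[\w-]+)(?:\(\d+\))?: (?P<level>\w+): (?P<msg>.*)$")
THROTTLE = re.compile(r"service\(auth\): command startup failed, "
                      r"throttling for ([\d.]+) secs")

def triage(text):
    """Summarise auth-service startup failures in a Dovecot log excerpt."""
    fatals, throttles, refused = Counter(), [], 0
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # not a Dovecot log line (separator, blank, ...)
        proc, level, msg = m["proc"], m["level"], m["msg"]
        if proc == "auth" and level == "Fatal":
            fatals[msg] += 1
        elif proc == "master" and (t := THROTTLE.search(msg)):
            throttles.append(float(t.group(1)))
        elif proc == "imap-login" and "Auth process broken" in msg:
            refused += 1  # a client turned away because auth was down
    growing = any(b > a for a, b in zip(throttles, throttles[1:]))
    return {
        "crash_loop": sum(fatals.values()) >= 2 and growing,
        "cause": fatals.most_common(1)[0][0] if fatals else None,
        "fatal_count": sum(fatals.values()),
        "max_throttle_secs": max(throttles, default=0.0),
        "refused_logins": refused,
    }

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The same Fatal repeating while the throttle value grows means the auth service never finishes starting, so every login in that window is refused until the configuration changes.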