otpd (latest svn checkout) can't authenticate a user in /etc/otppasswd

[GoogleCodeExporter]

Installing otpd and creating /etc/otppasswd with 0600 mode, I got the following 
error:

otpd: otpd 3.2.7 starting
otpd: accept_thread: tid=3076291440
otpd: accept_thread: plugin accept fd=5
otpd: work_thread: tid=3067898736, fd=5
otpd: work_thread(3067898736,5): handling plugin request for [nicolas]
otpd: file_get: /etc/otppasswd: loose permissions
otpd: verify: unable to get user info for [nicolas]
otpd: work_thread(3067898736,5): plugin disconnect

Whereas user nicolas is in the file, with correct parameters (token filled and 
token type c200-d6).

What is the problem ? The file owner is root, and group root, and I launched 
otpd with "sudo otpd -D", trying to authenticate with "sudo otpauth -u nicolas 
-p my_pin -s /var/run/otpd/socket"

Thanks for your help.

Original issue reported on code.google.com by kalonbun...@gmail.com on 23 Mar 2011 at 3:16

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

This isn't a bug.  By design, otpd requires that the file be readable only by 
the user running the otpd process (by the way, I strongly recommend using a 
non-root user for this).  If you need the file to also be group-readable, see 
the filemode keyword added in the latest revision in SVN.

Original comment by t...@panix.com on 22 Sep 2012 at 1:44

• Changed state: Fixed