TOTP Problem

I’ve just discovered PrivacyIdea and am impressed as far as I have seen
however I am stuck. I carried out a clean install on an Ubuntu 14.04.3 LTS
VM as follows:

apt-get install nginx-full
add-apt-repository ppa:privacyidea/privacyidea
apt-get update
apt-get install python-privacyidea privacyideaadm
apt-get install privacyidea-nginx

If I then run this command I get an error:

pi-manage admin add admin admin@localhost

So instead I run this command which works:

pi-manage admin add admin@localhost

I am then able to login to the PrivacyIdea web interface.

I have been able to add users from AD using LDAP and these users can login
using their AD accounts. I am able to enrol a HOTP token (Google
Authenticator on a phone) and this test correctly. I am also able to enrol
a TOTP token but this fails with the error “wrong OTP”. I’ve checked that I
am using SHA1, length 6 and 60 seconds. I’ve also checked time is correct
(with NTP).

I’ve noticed that I can make changes to the HOTP Token settings (save
button is blue and functional). However TOTP Token settings has a grey save
button and is not functional. (In fact all options apart from HOTP Token
settings have a grey save button which is not functional.)

I’m sure I’ve missed something obvious. But it is not obvious to me. A
pointer in the right direction would be much appreciated!

Hi Adrian,

I am glad to hear you like it.

I’ve just discovered PrivacyIdea and am impressed as far as I have
seen however I am stuck. I carried out a clean install on an Ubuntu
14.04.3 LTS VM as follows:

apt-get install nginx-full
add-apt-repository ppa:privacyidea/privacyidea
apt-get update
apt-get install python-privacyidea privacyideaadm
apt-get install privacyidea-nginx

If I then run this command I get an error:

pi-manage admin add admin admin@localhost

So instead I run this command which works:

pi-manage admin add admin@localhost

I am then able to login to the PrivacyIdea web interface.

I have been able to add users from AD using LDAP and these users can
login using their AD accounts. I am able to enrol a HOTP token (Google
Authenticator on a phone) and this test correctly. I am also able to
enrol a TOTP token but this fails with the error “wrong OTP”. I’ve
checked that I am using SHA1, length 6 and 60 seconds. I’ve also
checked time is correct (with NTP).

Afaik the Google Authenticator usually does 30 seconds.
I think there are some GA implementations, which ignore (or ignored) the
timestep setting during enrollment. Thus, choosing 30 seconds is safer.

I’ve noticed that I can make changes to the HOTP Token settings (save
button is blue and functional). However TOTP Token settings has a grey
save button and is not functional. (In fact all options apart from
HOTP Token settings have a grey save button which is not functional.)

You can only save the TOTP token settings, when you filled out all
fields.

Kind regards
CorneliusAm Mittwoch, den 09.12.2015, 14:44 -0800 schrieb Adrian Wilson:

I’m sure I’ve missed something obvious. But it is not obvious to me. A
pointer in the right direction would be much appreciated!

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/8c356bbe-6a11-4aa3-8604-65f007660872%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (836 Bytes)