Name Modified Size Info Downloads / Week
readme-4asterisk-otp.txt 2016-07-18 3.0 kB
get_base32_pwd.py 2016-07-17 38 Bytes
asterisk_entries.txt 2016-07-17 3.0 kB
getotp.py 2016-07-17 1.7 kB
otpcode.py 2016-07-17 4.4 kB
Totals: 5 Items   12.1 kB 0
You can significantly reduce the potential for high fraudulent long distance charges by requiring that a password
 be entered before the call is allowed. But why use a password when you can use a one time password (OTP)
 which changes every 30 seconds? All you need is for your users to have an iOS or Android tablet or phone
 and the following changes on your Asterisk machine! The steps are:
 
1. As root, create the Python program otpcode.py, which will calculate one time passwords given
 a secret base32 password seed.
   download file otpcode.py
   save file as /etc/asterisk/otpcode.py
   chmod 755 /etc/asterisk/otpcode.py
   chown asterisk:asterisk /etc/asterisk/otpcode.py
   
2. As root, create the Python program getotp.py, which will act as a simple interface between Asterisk and the
 otpcode program.
   download file getotp.py
   save file as /etc/asterisk/getotp.py
   chmod 755 /etc/asterisk/getotp.py
   chown asterisk:asterisk /etc/asterisk/getotp.py
   
   To test the program, try entering the following commands at the prompt /etc/asterisk$
     ./getotp.py  MXVJEWUQGK3RKGMO
     ./getotp.py  MXVJEWUQGK3RKGMO -60
     ./getotp.py  "MXVJEWUQGK3RKGMO,-60"
     ./getotp.py  new_password

   
3. As root, create get_base32_pwd.py, which will generate base32 passwords to use. This secret base32
 password will be stored on the Asterisk machine and in your phone in step 5.
   download get_base32_pwd.py
   save file as /root/get_base32_pwd.py
   chmod 755 /root/get_base32_pwd.py
   chown root:root /root/get_base32_pwd.py
   
   To test, enter at the prompt /root#
     ./get_base32_pwd.py
	
4. Add to your Asterisk extensions a few lines of code to verify that the OTP entered by the caller
 matches the OTP calculated by the Python program. See asterisk_entries.txt for an example.
 
5. Install FreeOTP on your phone, an open source program that will calculate the OTP you will need
 to send to the Asterisk machine.
 
 On your Android device go to the Play Store and search for freeotp. It is also available on iOS devices.
 Install it, then open it. Press the + symbol. Then on the first line, in the email entry, just enter
 what you want the Asterisk box to be called. For this example enter "asterisk machine". On the next
 line press the space bar. On the third line, for secret, enter the number you got from the Asterisk
 machine when you ran get_base32_pwd. Leave type as TOTP and leave DIGITS as 6; also leave algorithm
 as SHA1 and leave interval as 30. Now press add. On the new screen touch the words asterisk machine.
 The symbol shows you how long until the one time password is invalid, and the number shown is the
 one time password you need to enter into Asterisk.
 
 
 
If you use the example Asterisk code, the one time password is valid for 90 seconds. For security, the
 same password cannot be reused. If you want to shorten how long a password is valid for, comment out
 or delete the lines of code which are commented in the Asterisk dial plan.
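
The 90-second validity and the no-reuse rule described above, as an added Python example (not the project's otpcode.py, getotp.py or dial plan). It assumes the 90 seconds come from accepting the current 30-second step and the two before it; the names totp and OtpVerifier are hypothetical.

```python
import base64, hashlib, hmac, struct, time

STEP = 30      # seconds per code, matching the FreeOTP interval in step 5
DIGITS = 6     # matching DIGITS in step 5

def totp(secret_b32, at, offset=0):
    """RFC 6238 TOTP (HMAC-SHA1) for Unix time `at` shifted by `offset` seconds."""
    key = base64.b32decode(secret_b32.upper())
    counter = int(at + offset) // STEP
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    pos = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[pos:pos + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)

class OtpVerifier:
    """Accepts a code from the last `window_steps` steps, each step at most once."""
    def __init__(self, secret_b32, window_steps=3):   # 3 steps = 90 seconds (assumed layout)
        self.secret = secret_b32
        self.window_steps = window_steps
        self.last_counter = -1                # highest time step already accepted

    def verify(self, code, at=None):
        at = time.time() if at is None else at
        for back in range(self.window_steps):
            offset = -back * STEP
            counter = int(at + offset) // STEP
            if counter <= self.last_counter:
                continue                      # this step or a later one was already used
            # constant-time comparison of the expected and entered digits
            if hmac.compare_digest(totp(self.secret, at, offset), str(code)):
                self.last_counter = counter
                return True
        return False

if __name__ == "__main__":
    secret = "MXVJEWUQGK3RKGMO"               # sample seed from the test commands in step 2
    now = 1468800000                          # constructed timestamp
    code = totp(secret, now)
    v = OtpVerifier(secret)
    print(code, v.verify(code, now + 60), v.verify(code, now + 60))
```

Setting window_steps to 1 corresponds to shortening the validity to a single 30-second step.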
Source: readme-4asterisk-otp.txt, updated 2016-07-18