Development of TOTP-Based SSH Multi-Factor Authentication System


Vol. 50,  No. 11, pp. 1788-1801, Nov.  2025
10.7840/kics.2025.50.11.1788


  Abstract

This study presents the implementation of a TOTP-based multi-factor authentication system to address the security vulnerabilities of single-factor SSH authentication. More than 65% of SSH servers worldwide rely solely on password authentication, making them vulnerable to brute-force or man-in-the-middle attacks. Existing OpenLDAP-based SSH multi-factor authentication systems using TOTP process a password and a TOTP passcode as a single concatenated string, which hinders identifying the cause of authentication failures and limits the combination of various authentication factors. The proposed system separates primary and secondary authentication by implementing an OpenLDAP extended operation and SSH server PAM modules independently. The implementation enables independent verification of each authentication factor, clear identification of failures, and flexible combination of diverse authentication methods. To reduce security risks from client-side key breaches, TOTP shared keys are centrally managed in the OpenLDAP server. Evaluation results demonstrate OATH compliance and broad compatibility with SSH clients and TOTP applications. The system achieved a 100% response rate and processed 12.6 authentication requests per second in a concurrent 20-user environment.
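The contrast drawn in the abstract, as an added Python example that is not the paper's implementation: a concatenated password+passcode check returns one opaque result, while checking each factor on its own reports which one failed. The in-memory `USER` record stands in for the server-side store, all function names are hypothetical, and the TOTP parameters (HMAC-SHA1, 30-second step, 6 digits) are the RFC 6238 defaults, assumed here.

```python
import hashlib, hmac, struct

STEP, DIGITS = 30, 6  # RFC 6238 defaults (assumed, not taken from the paper)

def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** DIGITS).zfill(DIGITS)

def totp(secret: bytes, now: int) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, now // STEP)

def pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed server-side record; the shared key is the RFC 6238 test key.
USER = {"salt": b"constructed-salt", "totp_secret": b"12345678901234567890"}
USER["pw"] = pw_hash("correct horse", USER["salt"])

def check_password(password: str) -> bool:
    return hmac.compare_digest(pw_hash(password, USER["salt"]), USER["pw"])

def check_totp(code: str, now: int, window: int = 1) -> bool:
    # Accept +/- `window` time steps to tolerate clock drift.
    base = now // STEP
    counters = [base + i for i in range(-window, window + 1) if base + i >= 0]
    return any(hmac.compare_digest(hotp(USER["totp_secret"], c).encode(),
                                   code.encode()) for c in counters)

def verify_concatenated(blob: str, now: int) -> bool:
    """Single string 'password' + 'code': one opaque pass/fail result."""
    return check_password(blob[:-DIGITS]) and check_totp(blob[-DIGITS:], now)

def verify_separated(password: str, code: str, now: int) -> str:
    """Each factor verified independently, so the failing factor is known."""
    if not check_password(password):
        return "primary_failed"
    if not check_totp(code, now):
        return "secondary_failed"
    return "ok"

if __name__ == "__main__":
    print(verify_concatenated("correct horse000000", 59))      # False, cause unknown
    print(verify_separated("correct horse", "000000", 59))     # secondary_failed
```
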



  Cite this article

[IEEE Style]

J. Jo, D. Kim, B. Cho, "Development of TOTP-Based SSH Multi-Factor Authentication System," The Journal of Korean Institute of Communications and Information Sciences, vol. 50, no. 11, pp. 1788-1801, 2025. DOI: 10.7840/kics.2025.50.11.1788.

[ACM Style]

Jinyong Jo, Dongkyun Kim, and Buseung Cho. 2025. Development of TOTP-Based SSH Multi-Factor Authentication System. The Journal of Korean Institute of Communications and Information Sciences, 50, 11, (2025), 1788-1801. DOI: 10.7840/kics.2025.50.11.1788.

[KICS Style]

Jinyong Jo, Dongkyun Kim, Buseung Cho, "Development of TOTP-Based SSH Multi-Factor Authentication System," The Journal of Korean Institute of Communications and Information Sciences, vol. 50, no. 11, pp. 1788-1801, 11. 2025. (https://doi.org/10.7840/kics.2025.50.11.1788)