I would like to know if a user’s otp access can be reset due to the loss of backup codes. I can’t access user preferences on neth server.
I solved it by deleting in the user’s home .2fa_ *
Indeed, if you remove the key in the user's home then OTP is not enabled anymore. Just for the loss of backup codes, you can generate them again from the key that root can read.
Thank you so much stephdl and the community always ready for suggestions and solutions!
for the record
- generate the backup code
oathtool -w 5 $(cat /var/lib/nethserver/home/user/.2fa.secret)
- generate a time based code (valid 30 seconds)
oathtool --totp $(cat /var/lib/nethserver/home/user/.2fa.secret)
excellent, so it is possible to regenerate the codes without deleting the files in the user’s home
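What the two oathtool commands in this thread compute, as an added Python example that is not part of the original posts or of NethServer's code. It assumes the secret is stored as hex (oathtool's default input format) and uses the public RFC 4226 test key as a constructed sample instead of a real `.2fa.secret`.

```python
import hashlib
import hmac
import struct
import time


def hotp(secret_hex, counter, digits=6):
    """RFC 4226 HOTP for one counter value (hex secret, as oathtool expects by default)."""
    key = bytes.fromhex(secret_hex.strip())
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble of the last byte
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hotp_window(secret_hex, window=5, start=0):
    """Like `oathtool -w 5 SECRET`: the code at `start` plus `window` further ones."""
    return [hotp(secret_hex, start + i) for i in range(window + 1)]


def totp(secret_hex, now=None, step=30):
    """Like `oathtool --totp SECRET`: HOTP keyed on the current 30-second step."""
    now = time.time() if now is None else now
    return hotp(secret_hex, int(now) // step)


# Constructed sample: RFC 4226 test key "12345678901234567890" in hex.
SAMPLE_SECRET = "3132333435363738393031323334353637383930"

if __name__ == "__main__":
    # Every code is a pure function of the secret, which is why whoever can
    # read the secret file can regenerate all of them without resetting OTP.
    for counter, code in enumerate(hotp_window(SAMPLE_SECRET)):
        print(f"counter {counter}: {code}")
    print("current TOTP:", totp(SAMPLE_SECRET))
```

Because the codes are derived entirely from the secret, the file holding it needs the same protection as a password: readable only by its owner and root.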