rotate multiOTP encryption key
What I am doing is upgrading our previous version of multiOTP with a fresh build. I'm running Ubuntu 16.04 with multiOTP version 5.1.1.2. I have multiOTP storing data in a MySQL database. That part is working. What I am trying to do is pre-populate the database with current users by running example multiotp.php -debug -create john TOTP 56821bac24fbd234339356821bac24fbd2343393 4455 6 30. I was able to extract the current hexkey for my users to use in for the command above. My problem is I want to rotate the encryption key on the new system away from defaults because when it stores their token_seed value it is the same as the old system. I figure the new system is a good time to rotate this.
I have gone through the multiotp.php file and modified where encryption_key is set. Reran the command and it is still producing the same output. Ideally, I would like to leave the multiotp.php file unmodified and just set the /etc/multiotp/config/multiotp.ini encryption_key_full_path variable to override the defaults. I could not figure out how to properly set this to try.
Any help is appreciated.
This discussion has been closed.
Comments