With authfront.otp, you can cooperate with any backend auth like ldap, mysql...
Based on the google authenticator reference implementation + yubikey demo php implementation. With this plugin you can authenticate users 4 different ways:
The authentication method can be set up per users, so it is possible that someone authenticate with password, other user authenticate with YubiKey, and someone else authenticate with both YubiKey and Google Authenticator.
You need to install php-yubico from http://code.google.com/p/php-yubico/
wget http://php-yubico.googlecode.com/files/Auth_Yubico-2.5.tgz pear install Auth_Yubico-2.5.tgz
Do not forget to install or enable php-curl for Auth_Yubico.
Enabled: Yes
Order:default is 13 (don't change it)
Protocol type: Sessions only
Yubico secret KEY
Yubico Client Id: your Yubico Client Id generated at http://api.yubico.com/get-api-key/ or blank when you don't plan to use YubiKey
Modify login page: Yes (There is a line added into login page "* OTP enabled")
in Users & Groups, select user to configuration
In the tab bar: Account info ||| ACL ||| Actions ||| Parameters => select Parameters
then click Add parameter
then click Add parameter
In the same window, session "All workspaces"
then click save
!!! DO NOT USE THE SAME SECRET AS YOUR GOOGLE ACCOUNT !!
Use your in the YubiKey 1 or the YubiKey 2 field. Maximum two YubiKeys can be assigned to one user.