logging in using a one time sms code

ronnyr7 · 08-11-2019, 12:35 PM

Dear Linux community,

I volunteer in a public library, and we have 5 linux computers.
We want to limit the usage time of the users to 30 minutes per day.
There is only one username and password and it is publicly known.

I thought about trying to combine a one time sms code to create this limitation:
that users will type their mobile number or send an sms message to a number we give them,
receive a code via sms
and be able to use it in order to use the computer for 30 minutes.
something like this?

Transaction authentication number - Wikipedia
en.wikipedia.org en.wikipedia.org

Maybe you have a better idea, or an idea on how to implement such a thing?
it can also be without an sms, as long as it is done in a way that does not require assistance from the volunteers [since some of them are old and not digital].

I saw this one as well:
www.makeuseof.com

but can it be applied to my situation?

Thanks!

scasey · 08-11-2019, 06:43 PM

Folks who are using the ‘puters in the library have sms capability? Always?

Given there’s only one user and everyone knows the password, and your concern about “old” volunteers, I’d recommend sign-up sheets and kitchen timers.

berndbausch · 08-11-2019, 10:43 PM

Why is it so hard to give each user a unique user name? Off the cuff, I don't know a mechanism to limit session time, but I would be surprised if there weren't any.

Also, what did you see on makeuseof? The link goes to the top page.

ondoho · 08-12-2019, 01:29 AM

It would seem logical to log in with your library card number, no?

Libraries have Linux computers and they do implement this somehow; have you searched?

ronnyr7 · 08-12-2019, 01:55 AM

Thanks,

But as it is a community center and a library, we have no library cards.

Might be an idea though - I will consider it. The thing is, if it can be done using solely the computer it would be much better. This is why I thought about the sms idea - we use it here to login to the bank website so everyone knows it.

This is the link I saw:
https://www.makeuseof.com/tag/ubuntu...ternet-access/

And yes, they have mobile phones.

Have a good day,
Ronny

pan64 · 08-12-2019, 02:10 AM

there is a thing called one-time-password, here is an implementation: https://www.onelogin.com/product/one-time-password
is this (or something similar) what you need?

ronnyr7 · 08-12-2019, 03:20 AM

I need something that can be also suitable for people with no smartphone
and very simple to implement for them.
This is why I thought about them typing their mobile number, receiving an sms with a password/code,
and then the system can remember their mobile number for the day and they can only login once using this code.
It needs to be something they can operate easily and in a way preventing them from sitting all day behind the computer.

Thanks

allend · 08-12-2019, 11:25 AM

This shows a list of people still logged in after 30 minutes.

Code:

last -t $(date +%Y%m%d%H%M%S --date='-30 min') | grep "still logged in"

It could be combined with code to kill the users session in a script run regularly as a root cron job.