Test a multi-factor authentication TOTP token

• A running IBM Storage Ceph cluster.

• Root-level access to the nodes.

• Ceph Object Gateway is installed.

• You have root access on a Ceph Monitor node.

• An MFA TOTP token was created using radosgw-admin mfa create.

• Test the TOTP token PIN to verify that TOTP functions correctly:

  Syntax

  radosgw-admin mfa check --uid=USERID --totp-serial=SERIAL --totp-pin=PIN

  Set USERID to the user name MFA is set up on, set SERIAL to the string that represents the ID for the TOTP token, and set PIN to the latest PIN from the one-time password generator.

  Example

  [root@host01 ~]# radosgw-admin mfa check  --uid=johndoe --totp-serial=MFAtest --totp-pin=870305
  ok

  If this is the first time you have tested the PIN, it may fail. If it fails, resynchronize the token.

For more information, see the following:

• Creating a seed for multi-factor authentication
• Resynchronizing a multi-factor authentication TOTP token