[wplug] Two-factor authentication systems on Linux

Pat Barron pat at tiderium.com
Wed Feb 2 12:36:26 EST 2011


Thanks for both of these pointers!

I actually have a different HOTP client for Android, which should also 
work with the Barada back-end, from what I can tell (plus, I just 
downloaded the Barada Android client, too - didn't find it in the Market 
when I was looking for stuff, guess it didn't match any of the keywords 
I was searching...).  Nice to see a server implementation for Linux out 
there.  Bummer it's not in any of the mainstream distributions, but 
looks straightforward enough to drop in.

I'd first started out looking for S/Key (or the compatible OPIE), but I 
haven't found "native" support for that in Fedora or Debian either 
(actually, only places I found it at all were OpenBSD and FreeBSD).

Wish Securenet Key still existed, and that it was supported anywhere 
(actually, I think there might be legacy support for it still in 
OpenBSD, too...).  One of the things I liked about it was it had this 
concept of a "duress PIN" - like, if someone were to put a gun to your 
head to force you to give up the PIN, there was a second PIN you could 
give the miscreant that would apparently work, and would let them into 
the system - but would also let you set off alarms to let someone know 
that something bad was happening.  Not that I'm paranoid or anything, I 
can't really imagine ever having a system whose contents were so 
valuable that someone might consider doing such a thing... ;-)  Just 
always thought that was cool, and I don't see any feature like that in 
OATH/HOTP.

--Pat.

On 02/02/2011 10:23 AM, Nicholas A. Schembri wrote:
> there is a pam module for Perfect Paper Passwords.
>
> http://linuxpoison.blogspot.com/2009/04/perfect-paper-passwords-one-time.html
> www.grc.com/sn/sn-117.pdf <http://www.grc.com/sn/sn-117.pdf>
>
> On Wed, Feb 2, 2011 at 9:32 AM, David J. Pryke <david-wplug at pryke.us 
> <mailto:david-wplug at pryke.us>> wrote:
>
>     On 2/2/2011 9:19 AM, Pat Barron wrote:
>     > Can anyone speak to the topic of what two-factor authentication
>     systems
>     > might be available on any current Linux distributions?
>     <snip>
>     >
>     > My interest has been sparked by messing around with various
>     "software
>     > token" authentication tools on Android, trying to see if I can
>     leverage
>     > something like that on some of my Linux systems.
>     >
>     > Thanks,
>     > --Pat.
>
>     I ran across this two-factor authentication system that utilizes a
>     piece of
>     software on an Android phone the other day.  Sounds like what you are
>     looking for: http://barada.sourceforge.net/
>
>
>     --
>     Thanks,
>
>     David J. Pryke
>     _______________________________________________
>     wplug mailing list
>     wplug at wplug.org <mailto:wplug at wplug.org>
>     http://www.wplug.org/mailman/listinfo/wplug
>
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wplug.org/pipermail/wplug/attachments/20110202/de456d13/attachment.html 


More information about the wplug mailing list