[wplug] Two-factor authentication systems on Linux
Pat Barron
pat at tiderium.com
Wed Feb 2 12:36:26 EST 2011
Thanks for both of these pointers!
I actually have a different HOTP client for Android, which should also
work with the Barada back-end, from what I can tell (plus, I just
downloaded the Barada Android client, too - didn't find it in the Market
when I was looking for stuff, guess it didn't match any of the keywords
I was searching...). Nice to see a server implementation for Linux out
there. Bummer it's not in any of the mainstream distributions, but
looks straightforward enough to drop in.
I'd first started out looking for S/Key (or the compatible OPIE), but I
haven't found "native" support for that in Fedora or Debian either
(actually, only places I found it at all were OpenBSD and FreeBSD).
Wish Securenet Key still existed, and that it was supported anywhere
(actually, I think there might be legacy support for it still in
OpenBSD, too...). One of the things I liked about it was it had this
concept of a "duress PIN" - like, if someone were to put a gun to your
head to force you to give up the PIN, there was a second PIN you could
give the miscreant that would apparently work, and would let them into
the system - but would also let you set off alarms to let someone know
that something bad was happening. Not that I'm paranoid or anything, I
can't really imagine ever having a system whose contents were so
valuable that someone might consider doing such a thing... ;-) Just
always thought that was cool, and I don't see any feature like that in
OATH/HOTP.
--Pat.
On 02/02/2011 10:23 AM, Nicholas A. Schembri wrote:
> there is a pam module for Perfect Paper Passwords.
>
> http://linuxpoison.blogspot.com/2009/04/perfect-paper-passwords-one-time.html
> www.grc.com/sn/sn-117.pdf <http://www.grc.com/sn/sn-117.pdf>
>
> On Wed, Feb 2, 2011 at 9:32 AM, David J. Pryke <david-wplug at pryke.us
> <mailto:david-wplug at pryke.us>> wrote:
>
> On 2/2/2011 9:19 AM, Pat Barron wrote:
> > Can anyone speak to the topic of what two-factor authentication
> systems
> > might be available on any current Linux distributions?
> <snip>
> >
> > My interest has been sparked by messing around with various
> "software
> > token" authentication tools on Android, trying to see if I can
> leverage
> > something like that on some of my Linux systems.
> >
> > Thanks,
> > --Pat.
>
> I ran across this two-factor authentication system that utilizes a
> piece of
> software on an Android phone the other day. Sounds like what you are
> looking for: http://barada.sourceforge.net/
>
>
> --
> Thanks,
>
> David J. Pryke
> _______________________________________________
> wplug mailing list
> wplug at wplug.org <mailto:wplug at wplug.org>
> http://www.wplug.org/mailman/listinfo/wplug
>
>
>
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.wplug.org/pipermail/wplug/attachments/20110202/de456d13/attachment.html
More information about the wplug
mailing list