FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian Development

 
 
LinkBack Thread Tools
 
Old 01-12-2010, 01:22 AM
Andrew Pollock
 
Default Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP

Package: wnpp
Severity: wishlist
Owner: Andrew Pollock <apollock@debian.org>

* Package name : libpam-barada
Version : 0.4
Upstream Author : Moxie Marlinspike <moxie@thoughtcrime.org>
* URL : http://barada.sourceforge.net/
* License : GPL
Programming Lang: C++
Description : PAM module to provide two-factor authentication based on HOTP

Use HOTP (RFC4226) two-factor authentication with PAM.
.
In addition to a normal password, users are also assigned a 128 bit key and
arbitrary-length PIN number. Every time you'd like to login using a OTP, you
calculate a secure hash based on your assigned PIN and an increasing counter,
the result of which is a six character one time password.
.
While this module could be used in conjunction with many different
client devices, it was written specifically with Android devices in
mind. There is companion software which runs on Android, so that your
phone essentially becomes a SecureID token. All you need to do is
open up the software, type in your PIN, and you get back a 6-character
number that you can use to login to your system.


-- System Information:
Debian Release: 5.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)



--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-12-2010, 07:35 PM
Peter Samuelson
 
Default Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP

[Andrew Pollock]
> * Package name : libpam-barada
> Description : PAM module to provide two-factor authentication based on HOTP

I would suggest that the PAM architecture is better suited to providing
only _one_ factor of authentication per plugin. Does this module
really implement two factors? If not, you probably shouldn't claim
that it does.


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 01-12-2010, 09:01 PM
Russ Allbery
 
Default Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP

Peter Samuelson <peter@p12n.org> writes:
> [Andrew Pollock]

>> * Package name : libpam-barada
>> Description : PAM module to provide two-factor authentication based on HOTP

> I would suggest that the PAM architecture is better suited to providing
> only _one_ factor of authentication per plugin. Does this module really
> implement two factors? If not, you probably shouldn't claim that it
> does.

I don't know about this module in particular, but it's certainly possible
for a PAM module to provide a system interface for a two-factor
authentication system. For example, use of a hardware smart card plus a
pass code is a two-factor authentication system, and if the PAM module
prompts the user to enter the smart card, prompts for the pass code, and
then uses the libraries to verify the pass code and the smart card, that's
a two-factor authentication system implemented in a PAM module.

--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>


--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 10:07 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org