OATH Toolkit provide components to build one-time password authentication systems. It contains shared C libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC 4226), the time-based TOTP algorithm (RFC 6238), and Portable Symmetric Key Container (PSKC, RFC 6030) to manage secret key data. OATH stands for Open AuTHentication, which is the organization that specify the algorithms.
The following components are included: * liboath: A shared and static C library for OATH handling. * oathtool: A command line tool for generating and validating OTPs. * pam_oath: A PAM module for pluggable login authentication for OATH. * libpskc: A shared and static C library for PSKC handling. * pskctool: A command line tool for manipulating PSKC data. The project's web page is available at: https://www.nongnu.org/oath-toolkit/ Documentation for the command line tools oathtool and pskctool: https://www.nongnu.org/oath-toolkit/oathtool.1.html https://www.nongnu.org/oath-toolkit/pskctool.1.html Tutorial on PSKC: https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-tutorial.html Manual for PAM module: https://www.nongnu.org/oath-toolkit/pam_oath.html Liboath Manual: https://www.nongnu.org/oath-toolkit/liboath-api/liboath-oath.h.html Libpskc Manual https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-reference.html General information on contributing: https://www.nongnu.org/oath-toolkit/contrib.html OATH Toolkit GitLab project page: https://gitlab.com/oath-toolkit/oath-toolkit OATH Toolkit Savannah project page: https://savannah.nongnu.org/projects/oath-toolkit/ Code coverage charts: https://oath-toolkit.gitlab.io/oath-toolkit/coverage/ Clang code analysis: https://oath-toolkit.gitlab.io/oath-toolkit/clang-analyzer/ If you need help to use the OATH Toolkit, or want to help others, you are invited to join our oath-toolkit-help mailing list, see: https://lists.nongnu.org/mailman/listinfo/oath-toolkit-help Here are the compressed sources and a GPG detached signature: https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.8.tar.gz https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.8.tar.gz.sig Here are the SHA1 and SHA224 checksums: 139e535dfb51016d37a3afebfcd9d00d14c47ed4 oath-toolkit-2.6.8.tar.gz d2788564f388b04a5e60fcf737b158470f723bca73011af51d238c1e oath-toolkit-2.6.8.tar.gz Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this: gpg --verify oath-toolkit-2.6.8.tar.gz.sig The signature should match the fingerprint of the following key: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid Simon Josefsson <si...@josefsson.org> If that command fails because you don't have the required public key, or that public key has expired, try the following commands to retrieve or refresh it, and then rerun the 'gpg --verify' command. gpg --locate-external-key si...@josefsson.org gpg --recv-keys 51722B08FE4745A2 wget -q -O- https://josefsson.org/key-20190320.txt | gpg --import NEWS * Version 2.6.8 (released 2023-07-09) ** libpskc: Fixes for recent libxmlsec releases. ** pam_oath: Provide fallback pam_modutil_getpwnam implementation. Fixes <https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/26> on Mac OS. Patch from Nick Gaya <nicholasgaya+git...@gmail.com>. ** pam_oath: Don't fail authentication when pam_modutil_getpwnam doesn't ** know the user when usersfile don't include ${USER} or ${HOME}. Closes: #27. Regression introduced in previous release. Reported by Nick Gaya <nicholasgaya+git...@gmail.com>. ** pam_oath: Self-test improvements. Patch from Nick Gaya <nicholasgaya+git...@gmail.com>. ** liboath: Builds on Windows. The oath_authenticate_usersfile function is just a stub that returns an error. This allows for use of the rest of the library on Windows. Thanks to David Woodhouse, see <https://gitlab.com/oath-toolkit/oath-toolkit/-/merge_requests/15>. ** Disable PAM self-tests on Mac. Fix --enable-root-tests logic. ** Don't ship gtk-doc PDF's in tarball. ** Use gitlog-to-changelog instead of git2cl. ** Codespell typo fixes. Patch by Dimitri Papadopoulos. Happy hacking, Simon
signature.asc
Description: PGP signature
