OATH Toolkit provide components to build one-time password authentication systems. It contains shared C libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC 4226), the time-based TOTP algorithm (RFC 6238), and Portable Symmetric Key Container (PSKC, RFC 6030) to manage secret key data. OATH stands for Open AuTHentication, which is the organization that specify the algorithms.
The following components are included: * liboath: A shared and static C library for OATH handling. * oathtool: A command line tool for generating and validating OTPs. * pam_oath: A PAM module for pluggable login authentication for OATH. * libpskc: A shared and static C library for PSKC handling. * pskctool: A command line tool for manipulating PSKC data. The project's web page is available at: https://www.nongnu.org/oath-toolkit/ Documentation for the command line tools oathtool and pskctool: https://www.nongnu.org/oath-toolkit/oathtool.1.html https://www.nongnu.org/oath-toolkit/pskctool.1.html Tutorial on PSKC: https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-tutorial.html Manual for PAM module: https://www.nongnu.org/oath-toolkit/pam_oath.html Liboath Manual: https://www.nongnu.org/oath-toolkit/liboath-api/liboath-oath.h.html Libpskc Manual https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-reference.html General information on contributing: https://www.nongnu.org/oath-toolkit/contrib.html OATH Toolkit GitLab project page: https://gitlab.com/oath-toolkit/oath-toolkit OATH Toolkit Savannah project page: https://savannah.nongnu.org/projects/oath-toolkit/ Code coverage charts: https://oath-toolkit.gitlab.io/oath-toolkit/coverage/ Clang code analysis: https://oath-toolkit.gitlab.io/oath-toolkit/clang-analyzer/ If you need help to use the OATH Toolkit, or want to help others, you are invited to join our oath-toolkit-help mailing list, see: https://lists.nongnu.org/mailman/listinfo/oath-toolkit-help Here are the compressed sources and a GPG detached signature: https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.9.tar.gz https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.9.tar.gz.sig Here are the SHA1 and SHA224 checksums: f2c6d1d7c152aec9ec13e5d4dcc9fb1669c8014c oath-toolkit-2.6.9.tar.gz 3397c028d64273537e0e372d18c4bb65a6e6f850266b1bb52067f347 oath-toolkit-2.6.9.tar.gz Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact. First, be sure to download both the .sig file and the corresponding tarball. Then, run a command like this: gpg --verify oath-toolkit-2.6.9.tar.gz.sig The signature should match the fingerprint of the following key: pub ed25519 2019-03-20 [SC] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid Simon Josefsson <si...@josefsson.org> If that command fails because you don't have the required public key, or that public key has expired, try the following commands to retrieve or refresh it, and then rerun the 'gpg --verify' command. gpg --locate-external-key si...@josefsson.org gpg --recv-keys 51722B08FE4745A2 wget -q -O- https://josefsson.org/key-20190320.txt | gpg --import NEWS * Version 2.6.9 (released 2023-07-09) ** Improve compatibility with recent libxmlsec. ** Update gnulib files, dropping gnulib self-tests. Happy hacking, Simon
signature.asc
Description: PGP signature