Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
Package: wnpp Severity: wishlist Owner: Andrew Pollock * Package name: libpam-barada Version : 0.4 Upstream Author : Moxie Marlinspike * URL : http://barada.sourceforge.net/ * License : GPL Programming Lang: C++ Description : PAM module to provide two-factor authentication based on HOTP Use HOTP (RFC4226) two-factor authentication with PAM. . In addition to a normal password, users are also assigned a 128 bit key and arbitrary-length PIN number. Every time you'd like to login using a OTP, you calculate a secure hash based on your assigned PIN and an increasing counter, the result of which is a six character one time password. . While this module could be used in conjunction with many different client devices, it was written specifically with Android devices in mind. There is companion software which runs on Android, so that your phone essentially becomes a SecureID token. All you need to do is open up the software, type in your PIN, and you get back a 6-character number that you can use to login to your system. -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
Hey Andrew, I had filed #520199 to package this ages ago but never got around to it. Please merge that bug and take this ITP with my blessing :) * Andrew Pollock (apoll...@debian.org) wrote: > Package: wnpp > Severity: wishlist > Owner: Andrew Pollock > > * Package name: libpam-barada > Version : 0.4 > Upstream Author : Moxie Marlinspike > * URL : http://barada.sourceforge.net/ > * License : GPL > Programming Lang: C++ > Description : PAM module to provide two-factor authentication based on > HOTP > > Use HOTP (RFC4226) two-factor authentication with PAM. > . > In addition to a normal password, users are also assigned a 128 bit key and > arbitrary-length PIN number. Every time you'd like to login using a OTP, you > calculate a secure hash based on your assigned PIN and an increasing counter, > the result of which is a six character one time password. > . > While this module could be used in conjunction with many different > client devices, it was written specifically with Android devices in > mind. There is companion software which runs on Android, so that your > phone essentially becomes a SecureID token. All you need to do is > open up the software, type in your PIN, and you get back a 6-character > number that you can use to login to your system. > > > -- System Information: > Debian Release: 5.0.3 > APT prefers stable > APT policy: (500, 'stable') > Architecture: i386 (i686) > > > -- Eric Dorland ICQ: #61138586, Jabber: ho...@jabber.com signature.asc Description: Digital signature
Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
On Mon, 2010-01-11 at 18:22 -0800, Andrew Pollock wrote:
>
> * Package name: libpam-barada
> Description : PAM module to provide two-factor authentication based on
> HOTP
>
> Use HOTP (RFC4226) two-factor authentication with PAM.
[..]
> While this module could be used in conjunction with many different
> client devices,
> it was written specifically with Android devices in mind.
There are many HOTP client out there[1]. Is it really android specific
in any way?
I suggest dropping that sentence.
> There is companion software which runs on Android, so that your
^^ ${your phone}
> phone essentially becomes a SecureID token. All you need to do is
> open up the software, type in your PIN, and you get back a 6-character
> number that you can use to login to your system.
[1] http:// rcdevs.com/products/openotp/tokens.php
I suppose this new RFC is more secure than plain old OTP/OPIE (?). In
any case, the package could include those 2 keyword for `aptitude
search`
Franklin
--
To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564820: ITP: libpam-barada -- PAM module to provide two-factor authentication based on HOTP
[Andrew Pollock] > * Package name: libpam-barada > Description : PAM module to provide two-factor authentication based on > HOTP I would suggest that the PAM architecture is better suited to providing only _one_ factor of authentication per plugin. Does this module really implement two factors? If not, you probably shouldn't claim that it does. -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
