OSDN -- 開發和下載開源軟體
繁體中文翻譯狀態 translation status for zh-tw

RSS
Download List

專案描述

LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.

System Requirements

System requirement is not defined
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2011-11-15 19:57
2.4.1

A size limit was implemented for LDAP-Resolver, making it even easier to handle LDAP trees with several thousand users.
There was an administrative rollout of Google Authenticator (event, time). A back_perl module was included for setting up an OTP capable LDAP proxy. Unassign, delete, enable, and imprint were added to selfservice. It is now possible to completely customize the look and feel. Support for VASCO Digipass GO tokens was added. The name of the Google Authenticator can be configured. Mass rollout of YubiKeys is now supported. A tool was provided to determine the serial number of an unknown token by giving the OTP value (HOTP, TOTP, and VASCO). Session protection was implemented in the Web API.
標籤: VASCO, massenrollment yubikey, getserial

2011-09-19 22:58
2.4

This release adds a new audit framework to track administrative tasks and authentication events. The audit framework supports PCI DSS requirements, is OATH-certified for HOTP and TOTP tokens, and connects to simpleSAMLphp and OpenID. The new token types TOTP, Remote Token, RADIUS Token, Tagespasswort, and Yubikey have been added. A Remote Token can forward authentication requests to another LinOTP server to set up complex, distributed authentication scenarios with, for example, branch offices. A RADIUS Token forwards the authentication request to a RADIUS server for smooth migrations. It supports Yubikey in HOTP mode.

2011-04-02 05:44
2.3

This release adds a framework for configuring complex policies to define behavior in the administration, rollout, and self-service. You may define policies for setting the OTP PIN during enrollment or to restrict the rights of certain administrators in certain realms. Tokens can be assigned to specific realms so that the administration within one realm can be even more encapsulated.
Improved logging for generating audit information.
Simple rollout of smartphone tokens using QR codes.
Autoresync of HOTP tokens. Better support for redundant RADIUS setup.
標籤: Policies, Policy, Enrollment, smartphones, QR Code

2010-10-15 19:37
2.2

The new core features are a Web UI for managing tokens and the new token type SMS OTP. OTP values can be sent via SMS either by using an HTTP SMS gateway or a mobile phone attached to the LinOTP server. The tokenclass was optimized, so that it is now even easier to add new token types to LinOTP. The self service portal was improved. The checkPass function was added to useridresolvers, so that authentication to the selfservice portal can be made transparent with existing user store passwords. The possibility to configure PrependPIN, ResetFailCounter, and IncFailCount was added.
標籤: SMS OTP, Mobile TAN, Web management, Web UI

2010-06-26 06:41
2.1

Multi-client capability: by supporting multiple SQL, LDAP, and flat file instances and grouping those UserIdResolvers to realms, flexible authentication scenarios are now possible). A Self Service portal. A new token type: Simple Pass. Enrolling eToken NG OTP now allows setting a manual or a random password. The management client now writes log files. API documentation has been added. There are packages Fedora 13 and Ubuntu 9.10 and 10.04 LTS, and an install CD for the LinOTP server. There is an all-in-one Windows installer for the management client.
標籤: multi-client capabilty, self service portal

Project Resources

Project Page 首頁