Projects / LinOTP

LinOTP

LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.

Tags
Licenses
Operating Systems
Implementation
Translations

RSS Last announcement

Youtube channel available 28 Nov 2013

We added a youtube channel, where we plan to release some explaining videos.
https://www.youtube.com/channel/UCZeHTCe4C31ku_i9Taa7l0Q

RSS Recent releases

  •  28 Mar 2014 19:09

Release Notes: This release adds the client to the audit information and the possibility to change the phone number for SMS tokens. It also allows Yubikeys to be autoassigned. In addition, many small bugfixes and improvements were implemented.

  •  20 Feb 2014 22:38

Release Notes: This release fixes a problem with LDAPS connections, catches token exceptions to prevent errors when processing several tokens, and fixes an error which prevented LDAP Resolver from unbinding.

  •  14 Feb 2014 15:21

Release Notes: Missing resolvers caused the community edition to raise an exception. This has been fixed.

Release Notes: This patch release adds the radius client testing tool "linotp-auth-radius" (which supports challenge response), fixes the otppin=2 (no pin) problems with email and totptoken, fixes the "Logout" button, binds the resolvers object to the request for performance, improves sqlresolver checkpass to also support {sha} and {ssha} passwords, adds automation, and sends the token list via email or uploads to Windows shares.

Release Notes: A new challenge response mode for all tokens. A new email token type. CSV export for tokens and audit. Improved support for all Yubikey modes. Better policies.

Screenshot

Project Spotlight

Fileevent

A rules-based utility that notices files and perform actions on them.

Screenshot

Project Spotlight

xtitle

A tool that sets the window title and icon name for an X11 terminal window.