LinOTP

LinOTP is a Linux-based solution to manage authentication devices for two-factor authentication with one time passwords. It is implemented as a web service based on the python framework Pylons. Thus it requires a web server to run in.

LinOTP
Developer(s)KeyIdentity GmbH
Initial releaseMarch 1, 2010 (2010-03-01)
Stable release
2.9.3.2 / September 7, 2017 (2017-09-07)
Written inPython
Operating systemLinux
Available inEnglish, German
TypeOTP Authentication server
LicenseAGPL
Websitelinotp.org

LinOTP is mainly developed by the German company KeyIdentity GmbH. Its core components are licensed under the Affero General Public License.

It is an open source authentication server certified[1] by the OATH initiative for open authentication for its 2.4 version.

Overview

As a web service LinOTP provides a REST-like web API.[2] All functions can be accessed via Pylons controllers. Responses are returned as a JSON object.

LinOTP is designed in a modular way enabling user store modules and token modules. Thus it is capable of supporting a wide range of different tokens.

Features
  • Supported tokens:[3]
  • SafeNet eToken Pass
  • SafeNet Safeword Alpine
  • mOTP
  • Lost token
  • Paper token
  • Feitian C-100 (HOTP)
  • Feitian C-200 (TOTP)
  • Feitian C-300 (OCRA)
  • Feitian c601 (optical OCRA)
  • Authenex A-Key V 3.6
  • Yubico Yubikey
  • Gemalto Ezio Token
  • Smartdisplayer
  • NagraID 106/103
  • NagraID 306 (OCRA)
  • BR Token SafeSIGNATURE
  • LSE Simple Pass token
  • LSE Remote Token
  • LSE Radius Token
  • LSE Tagespasswort Token
  • Apps for iPhone and Android like the Google Authenticator
  • Any HOTP/ TOTP and OCRA Token
  • Yubikey mass enrollment via CLI
  • support for token databases like sqlite, mysql, postgresql, oracle, db2
  • management via web interface or command line client
  • Users stored in flat files
  • PAM module
  • SAML
  • OpenID
  • FreeRADIUS connection via rlm_perl
  • Selfservice
  • Import of XML Token files
  • Management functions:
  • enroll/assign tokens
  • synchronize, resynchronize, automatic resychronization
  • activate/deactivate/delete tokens
  • autoassignment
  • lost token scenario
  • find token by OTP value
  • get OTP value
  • Detailed Policies Definitions
  • Sophisticated Audit API
  • Multitenancy

Source Code

Being written in Python the program itself comes as the source code.

gollark: It's SQLite and the application is Node.js. Both of which are totally single-threaded. Which is probably why.
gollark: I put together this simple search engine thing (https://search.osmarks.tk) as a fun project to try and practice building somewhat complex applications. It seemed to work fine on the test dataset of my website. But then I got bored and decided to have it crawl esolangs.org, and it's about a 14th of the way through after running for maybe an hour (at 1 page crawled/second), queries are running quite slowly, and the lack of pagination is causing problems. I guess this is a lesson in scaling?
gollark: Shadowbans by themselves are quite evil.
gollark: I don't see why I would want to.
gollark: That documentation seems to be more about running ChromeOS' UI on Linux than DRM stuff.

See also

References
  1. "OATH certified authentication server". Initiative for open authentication. Archived from the original on 28 May 2013. Retrieved 20 May 2013.
  2. "LinOTP API". LinOTP. Retrieved 14 Nov 2013.
  3. "LinOTP Features". LinOTP. Retrieved 20 May 2013.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.