LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Google Authenticator, motp, SMS OTP/Mobile TAN, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.
Release Notes: QR-Code enrolment was added to the management Web UI and self-service portal. A QR-Code image was added to replies. It is now possible to send a HTTP 500 error response instead of status:false. Man pages were added for command line tools. Broken TOTP resync was fixed. Performance with dynamic token classes was improved. The contents of the lost password token was defined. Also added were HTML documentation for the LinOTP Web UI, import of OCRA seeds via CSV, support for the AD uidType DN, objectGUID, and sAMAccountName, counting of only active tokens for the licensing, and improved SQL- and LDAPResolver.
Release Tags: Minor Release, OCRA usability, Resolver improvements
Tags: Security, Authentication, PAM, RADIUS, OTP, token, HTOP, TOTP, OATH certificied, Google Authenticator, Yubikey, 2FA, OATH import, OCRA, QR-TAN, motp
Licenses: GPL, AGPLv3