LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page One Time Password
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-13-2009, 06:11 PM   #1
nima0102
Member
 
Registered: Nov 2006
Posts: 209

Rep: Reputation: 30
One Time Password

Hi

I am working on project about implementing One Time Password on Linux server.I have found OPIE (opie-server & pam_opie).
Has Anyone experience with OPIE?
May you give me more solution or suggestion about One Time Password ?
Thanks in advance
 
Old 10-14-2009, 11:12 AM   #2
wfh
Member
 
Registered: Sep 2009
Location: Northern California
Distribution: Ubuntu Debian CentOS RHEL Suse
Posts: 164

Rep: Reputation: 44
OPIE works, off the shelf. I've done system tests using OPIE in network appliances. The biggest problem with OTP is: your wallet becomes a security risk : )
 
Old 10-14-2009, 11:26 AM   #3
nima0102
Member
 
Registered: Nov 2006
Posts: 209

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by wfh View Post
OPIE works, off the shelf. I've done system tests using OPIE in network appliances. The biggest problem with OTP is: your wallet becomes a security risk : )
Thanks for your attention
Did you implement OPIE solution in production system ??
Thanks in advance
 
Old 10-14-2009, 12:04 PM   #4
wfh
Member
 
Registered: Sep 2009
Location: Northern California
Distribution: Ubuntu Debian CentOS RHEL Suse
Posts: 164

Rep: Reputation: 44
We implemented OTP as one of many authentication methods for a network appliance. The appliances were used for "back door" access into server infrastructure.

I was tasked by our test group to read through the documents available and come up with a method for comprehensively testing OTP functionality.

There are a couple of major issues:

- generate "one-time pads" of passwords
- recovery in the case of a loss-of-sequence

You sometimes don't get proper challenge/authenticate success, for whatever reason. It is important to understand how to recover from that scenario; which password works next in sequence.

I had to surrender all my notes on the subject, so I am working from my leaky memory, here : )
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
any suggestions for one time password solution adam_blackice Linux - Security 1 06-29-2008 10:05 PM
One time password satimis Linux - Security 2 05-20-2008 05:10 PM
One time password (OTP) suggestion satimis Linux - Software 0 06-24-2006 02:22 AM
password for changing time nédée Debian 6 12-18-2005 09:35 AM
changing password retry time andy753421 Linux - Security 2 12-19-2004 06:24 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:15 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration