similar to: Logon with Client Certificate and OTP fallback

Hi, I'm writing a checkpassword script in order to support our OTP token as a fallback for client certificate authentication. Here are two questions: 1) It seems to me that the username and the password will be delivered to my script both on file descriptor 3 and via the environment variables AUTH_USER and AUTH_PASSWORD. May I ignore file descriptor 3 and use the environment variables or may

Add OTP parity table. diff -urdpNX /usr/share/dontdiff -x Makefile dovecot.vanilla/src/lib-otp/otp-parity.c dovecot/src/lib-otp/otp-parity.c --- dovecot.vanilla/src/lib-otp/otp-parity.c 1970-01-01 03:00:00.000000000 +0300 +++ dovecot/src/lib-otp/otp-parity.c 2006-06-23 13:44:31.161891112 +0400 @@ -0,0 +1,29 @@ +/* + * OTP parity table. + * + * Copyright (c) 2006 Andrey Panin <pazke at

Hey all, has anyone ever successfully implemented some form of OTP system with dovecot? Im looking at setting up an OATH/HOTP-TOTP based OTP for our services, but the webmail service (which uses dovecot) is a difficult one. Any info on implementations would be appreciated, Regards, Cor

Dear Everybody: May I ask how to configure dovecot otp one-time verification login, that is, after the user logs in to the mailbox with the password + otp, he can send and receive emails without entering the password + otp again? # This is my settings: # /etc/dovecot/conf.d/10-auth.conf disable_plaintext_auth = yes auth_cache_size = 10M auth_failure_delay = 5 secs

Hello, I was wondering where I might find more information about using OTP as an authentication protocol with dovecot. In searching, I found a thread from 2004, but not much information about how it has progressed from then. I also saw some promising patches from mid-last year, which if I had to guess are probably the addition of support for the SASL OTP mechanism. Is this available in a

I want to discuss some problems/enhancements for dovecot in a webmail/otp setup. For access to an IMAP server like dovecot I see different client types: a) a "normal" MUA installed in a more or less trusted environment b) remote access via "webmail" from untrusted environments For a) I see with dovecot and other IMAP servers no problems, tricky is the setup for b). If you use

This patchset add support for One-Time-Password authentication mechanisms, both S/Key (RFC 1731) and OTP (RFC 2444) are implemented. Tested with mutt (uses cyrus sasl library for authentication). Patches were made against CVS HEAD. Please take a look. Add auth_cache_remove() function which will be used by OTP code to evict old entries from auth cache. diff -urdpNX /usr/share/dontdiff -x

If I were going to do this, I would probably try moving to a Windows 200x AD domain controller, and implementing RSA SecurID on that machine. I have not worked with other OTP solutions. As far as I understand, if Samba is configured as a domain controller, it expects to be able to handle the authentication itself. OTP is , in my opinion, most valuable when you are exposing resources to the

https://bugzilla.samba.org/show_bug.cgi?id=13496 Bug ID: 13496 Summary: lseek returned -1, not 2147483648: Invalid argument (22) Product: rsync Version: 3.1.2 Hardware: Sparc OS: Solaris Status: NEW Severity: normal Priority: P5 Component: core Assignee:

I don't see a way to do this currently (unless I am missing something) but I would like to be able to specify, that in order for a user to login, they need to use at least 1 public key from 2 separate key sources.? Specifically this would be when using "AuthenticationMethods publickey,publickey".? Right now requiring 2 public keys for authentication will allow 2 public keys from

Are there any plans on the table to add native support for two-factor authentication, such as password *and* public key? Visa PCI standards require two-factor authentication for remote access and if password+key was available in openssh it would be much easier to maintain and support than a full-blown vpn with all the cross-platform compatibility issues that come with one. Thanks! Jacob

Dear all A new R package 'otpr' is now available on CRAN. It's a wrapper for the OpenTripPlanner (OTP) API and is primarily aimed at researchers and transport planners who want to use OTP to carry out accessibility studies or generate variables for transport models. The package consists of four main functions: otp_connect() - defines and tests the connection to an OTP instance.

Dear all A new R package 'otpr' is now available on CRAN. It's a wrapper for the OpenTripPlanner (OTP) API and is primarily aimed at researchers and transport planners who want to use OTP to carry out accessibility studies or generate variables for transport models. The package consists of four main functions: otp_connect() - defines and tests the connection to an OTP instance.

There has been some good discussion around our IBM security team as to what actually constitutes SSH multi factor authentication. There are 2 options being discussed. One, the Google Authenticator (OTP authentication). Two, Public/Private key authentication (pubkeyauthentication = yes) which supports pass phrase private key authentication. Which of these is considered multi-factor

I have read archives about two-factor authentication on this list and it is interesting and can open up a can of worms. I don't intend on opening a can of worms or spur debate. As far as I can tell, authentication to openssh can be performed by signing a connection request with a private client key & having the server decrypt the key with the public key. The other way to authenticate (of

Dear readers we are using Dovecot 2.2.7 and all of our users are using Thunderbird as their mail client. Some of them additionally use their iPad/iPhone and a very few an Android Mail-Client. Now one user noticed that two of his mail folders disappeared. He first believed that he accidentally deleted those folders but then he realized that they are still visible from his iPad. I checked this

Hi All, I'm not sure what's causing this but every time I copy a file from one of the Macs (details below) to the Samba server the file timestamp is changed to the copy time rather than retaining the last modified time. Does anyone know what could be causing this? Systems: Mac OSX (versions 10.3.x -> 10.4.x) Windows 2000 Professional Solaris 10 running Samba 3.0.11 Tests... Mac

Dear all, There were a lot of discussions about smartcards and tokens, and we would like to make a simple offer: donate to each OpenSSH developer an ePass2003. The ePass2003 relies on one single chip and the most advanced OpenSC token available to date. It is also the cheapest token of all times. Read a description here: http://www.gooze.eu/epass-2003 Documentation:

Hi, My goal is to protect my mail account with 2FA, which isn't a crazy idea in 2020. Therefore, I would like to know the possibilities of configuring 2FA for Dovecot. In the documentation there are some hints of e.g. OTP in Dovecot [1] and using FreeIPA with Dovecot [2], where FreeIPA has the ability to enable OTP per user [3]. But I can't really find much practical information about

The above version of OpenSSH seems to work fine most of the time, but when I connect to one server in particular I get a very odd looking login prompt: pts/0::mugz!xm[~] ssh -l mugz <host-name-omitted> otp-md5 414 cr6003 ext S/Key Password: otp-md5 265 cr4395 ext S/Key Password: otp-md5 332 cr9989 ext S/Key Password: scripter at crimelords.org's password: I enter my password 3 times in