[Bug 659106] New: Review Request: pam_otpw - one-time-password module for PAM
bugzilla at redhat.com
bugzilla at redhat.com
Wed Dec 1 22:40:34 UTC 2010
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
Summary: Review Request: pam_otpw - one-time-password module for PAM
https://bugzilla.redhat.com/show_bug.cgi?id=659106
Summary: Review Request: pam_otpw - one-time-password module
for PAM
Product: Fedora
Version: rawhide
Platform: All
OS/Version: Linux
Status: NEW
Severity: medium
Priority: low
Component: Package Review
AssignedTo: nobody at fedoraproject.org
ReportedBy: mweetman at redhat.com
QAContact: extras-qa at fedoraproject.org
CC: notting at redhat.com, fedora-package-review at redhat.com
Group: private
Estimated Hours: 0.0
Classification: Fedora
Spec URL: http://killboy.yourdevlab.com/rpms/pam_otpw.spec
SRPM URL: http://killboy.yourdevlab.com/rpms/pam_otpw-1.4-1.fc13.src.rpm
Description: The OTPW package consists of the one-time-password generator
otpw-gen plus two
verification routines otpw_prepare() and otpw_verify() that can easily be added
to programs such as login or ftpd on POSIX systems. For platforms that support
the Pluggable Authentication Method (PAM) interface, a suitable wrapper is
included as well. Login software extended this way will allow reasonably secure
user authentication over insecure network lines. The user carries a password
list on paper. The scheme is designed to be robust against theft of the paper
list and race-for-the-last-letter attacks. Cryptographic hash values of the
one-time passwords are stored for verification in the user’s home directory.
Notes:
This was requested for review previously by Luke Ross here
https://bugzilla.redhat.com/show_bug.cgi?id=188014 but seems to have fallen by
the wayside.
I used the latest development snapshot dated 28-Mar-2004 from
http://www.cl.cam.ac.uk/~mgk25/download/otpw-snapshot.tar.gz, it's listed in
the README as 1.4 but not officially released, not sure if this is ok ?
I also modified Makefile in accordance with the notes in BZ188014 and added the
GPL LICENSE file, please review this too.
This package will need a sponsor.
cheers
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the package-review
mailing list