pam-u2f - Pluggable Authentication Module (PAM) for U2F

  •        51

This module implements PAM over U2F, providing an easy way to integrate the YubiKey (or other U2F compliant authenticators) into your existing infrastructure.This project uses autoconf, automake, pkg-config and libtool to achieve portability and ease of use. If you downloaded a tarball, build it as follows.

https://developers.yubico.com/pam-u2f/
https://github.com/Yubico/pam-u2f

Tags
Implementation
License
Platform

   




Related Projects

SoftU2F - Software U2F authenticator for macOS

  •    Swift

Soft U2F is a software U2F authenticator for OS X. It emulates a hardware U2F HID device and performs cryptographic operations using the OS X Keychain. This tool works with Google Chrome and Opera's built-in U2F implementations as well as with the U2F extensions for OS X Safari and Firefox.We take the security of this project seriously. Report any security vulnerabilities to the GitHub Bug Bounty Program.

u2f-ref-code - U2F reference implementations

  •    Javascript

This code can verify U2F registrations and signatures. A web application built to accept U2F 2nd factor is built on top of a code base such as this. The code base includes a trivial web application so the user can experiment with registration and signatures (also see the sample web app below).This is a Java implementation of a U2F device. It generates registration and signature statements and is meant for testing against your server implementation. A physical U2F device will generate similar statements.

Ruby/PAM

  •    

This project aims to provide an interoperability between Ruby and PAM. Ruby/PAM is a ruby binding for PAM library, and PAM/Ruby is a PAM module which enable us to write an authentication module in Ruby.

OpenPAM - Linux Pluggable Authentication Module

  •    C

OpenPAM is an Pluggable Authentication Module (PAM) library that focuses on simplicity, correctness, and cleanliness. Its aim is to gather the best features of Solaris PAM, ?XSSO and Linux-PAM, plus some innovations of its own. In areas where these implementations disagree, OpenPAM tries to remain compatible with Solaris, at the expense of XSSO conformance and Linux-PAM compatibility.

pam-mongodb - PAM module to authenticate a user via mongoDB database

  •    Perl

A C PAM module using libmongo-client (MongoDB C driver) and Glib to authenticate a user against a MongoDB database. The general idea of this is that to authenticate users on the network, they will have to have a valid account to a database on the mongoDB server.


pam-ussh - uber's ssh certificate pam module

  •    Go

Uber's SSH certificate pam module.This is a pam module that will authenticate a user based on them having an ssh certificate in their ssh-agent signed by a specified ssh CA.

privacyIDEA - Modular Authentication System

  •    Python

privacyIDEA is a Two Factor Authentication System which is multi-tenency- and multi-instance-capable. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication.

PAM login module for JAAS

  •    Java

Java bridge (bindings, interface) to PAM. JAAS login module using PAM for authentication.

yubiswitch - OSX status bar application to enable/disable Yubikey Nano

  •    Objective-C

yubiswitch is an OSX status bar application to enable/disable a Yubikey Nano or Neo from Yubico. Yubico is the producer of the Yubikeys: an hardware authentication device, designed to provide an easy to use and secure compliment to the traditional username and password.

teleport - Privileged access management for elastic infrastructure.

  •    Go

Teleport is built on top of the high-quality Golang SSH implementation and it is fully compatible with OpenSSH and can be used with sshd servers and ssh clients. Download the latest binary release, unpack the .tar.gz and run sudo ./install. This will copy Teleport binaries into /usr/local/bin.

pam-telecenter

  •    C

pam-telecenter is a PAM (Plugabble Authentication Modules) library that provides a set of features for you authenticate users in a telecenter. It depends on a PostgreSQL database to store user information. pam-telecenter supports roaming.

Barada

  •    Java

Barada (Barada Aint Respecting Any Deceptive Adversaries) is a PAM module designed to provide two-factor authentication support. There is companion software called Gort which runs on Android devices, essentially turning your phone into a SecureID token. The PAM module is available in the repositories for Debian based distributions. Gort, the Android client, is available from the android market (https://play.google.com/store/apps/details?id=net.sf.crypt.gort)

pam_ssh_agent_auth

  •    C

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

PAM X509 Authentication Module

  •    C

PAM module which will authenticate user by X509 certificates. Keys must be provided in some automountable location. As storage may be used usb steaks, bluetooth storage devices... Mainly intended for password-less authentication on single user clients pc

Google Authenticator - Two factor authentication

  •    Java

The Google Authenticator project includes implementations of one-time passcode generators for several mobile platforms, as well as a pluggable authentication module (PAM). One-time passcodes are generated using open standards developed by the Initiative for Open Authentication (OATH). These implementations support the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.

pamtester

  •    C

pamtester is a tiny utility program to test the pluggable authentication modules (PAM) facility, specifically designed to help PAM module authors to intensively test their own modules.

Out-of-band authentication via PAM

  •    C

PAM module provides out-of-band (obc) authentication mechanism. pam_obc generates a one-time password and delivers it to the user via an arbitrary, user defined out-of-band channel.

pam-pg

  •    C

This is a PAM plugin module to authenticate users using the PostgreSQL, it's more secure because you can let the database in a low-level secure machine and just one postgresql user will be granted to connect to this database using restricted functions

pam-mysql

  •    C

This is a module that allows PAM aware applications to authenticate users through a MySQL database. Now configurable in terms of which host the database reside upon, which table and username and password column to interrogate.